Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/axios@0.9.0
Typenpm
Namespace
Nameaxios
Version0.9.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.32.0
Latest_non_vulnerable_version1.16.0
Affected_by_vulnerabilities
0
url VCID-3rmd-rsjh-27hf
vulnerability_id VCID-3rmd-rsjh-27hf
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when responseType: 'stream' is used, Axios returns the response stream without enforcing maxContentLength. This bypasses configured response-size limits and allows unbounded downstream consumption. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42036.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42036
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.0949
published_at 2026-06-12T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09472
published_at 2026-06-14T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09435
published_at 2026-06-11T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09483
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42036
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42036
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42036
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42036
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461633
reference_id 2461633
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461633
7
reference_url https://github.com/advisories/GHSA-vf2m-468p-8v99
reference_id GHSA-vf2m-468p-8v99
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vf2m-468p-8v99
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-vf2m-468p-8v99
reference_id GHSA-vf2m-468p-8v99
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:30:17Z/
url https://github.com/axios/axios/security/advisories/GHSA-vf2m-468p-8v99
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42036, GHSA-vf2m-468p-8v99
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rmd-rsjh-27hf
1
url VCID-47b2-yz73-8ffw
vulnerability_id VCID-47b2-yz73-8ffw
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, he fix for no_proxy hostname normalization bypass is incomplete. When no_proxy=localhost is set, requests to 127.0.0.1 and [::1] still route through the proxy instead of bypassing it. The shouldBypassProxy() function does pure string matching — it does not resolve IP aliases or loopback equivalents. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42038.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42038.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42038
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.24295
published_at 2026-06-12T12:55:00Z
1
value 0.00082
scoring_system epss
scoring_elements 0.24286
published_at 2026-06-14T12:55:00Z
2
value 0.00082
scoring_system epss
scoring_elements 0.24099
published_at 2026-06-11T12:55:00Z
3
value 0.00082
scoring_system epss
scoring_elements 0.24305
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42038
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42038
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42038
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42038
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461634
reference_id 2461634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461634
7
reference_url https://github.com/advisories/GHSA-m7pr-hjqh-92cm
reference_id GHSA-m7pr-hjqh-92cm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m7pr-hjqh-92cm
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-m7pr-hjqh-92cm
reference_id GHSA-m7pr-hjqh-92cm
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:46:29Z/
url https://github.com/axios/axios/security/advisories/GHSA-m7pr-hjqh-92cm
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42038, GHSA-m7pr-hjqh-92cm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47b2-yz73-8ffw
2
url VCID-4n9q-ca4t-nkh5
vulnerability_id VCID-4n9q-ca4t-nkh5
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode() function in lib/helpers/AxiosURLSearchParams.js contains a character mapping (charMap) at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent('\x00') correctly produces the safe sequence %00, the charMap entry '%00': '\x00' converts it back to a raw null byte. Primary impact is limited because the standard axios request flow is not affected. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42040
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24386
published_at 2026-06-14T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24196
published_at 2026-06-11T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24403
published_at 2026-06-13T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24393
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42040
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42040
2
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42040
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42040
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
5
reference_url https://github.com/advisories/GHSA-xhjh-pmcv-23jw
reference_id GHSA-xhjh-pmcv-23jw
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xhjh-pmcv-23jw
6
reference_url https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw
reference_id GHSA-xhjh-pmcv-23jw
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:48:02Z/
url https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42040, GHSA-xhjh-pmcv-23jw
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4n9q-ca4t-nkh5
3
url VCID-5mmh-tc9h-gkcu
vulnerability_id VCID-5mmh-tc9h-gkcu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42043.json
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42043.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42043
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07985
published_at 2026-06-12T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07977
published_at 2026-06-14T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07981
published_at 2026-06-13T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07949
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42043
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42043
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42043
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42043
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42043
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461626
reference_id 2461626
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461626
8
reference_url https://github.com/advisories/GHSA-pmwg-cvhr-8vh7
reference_id GHSA-pmwg-cvhr-8vh7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pmwg-cvhr-8vh7
9
reference_url https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7
reference_id GHSA-pmwg-cvhr-8vh7
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:47:20Z/
url https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7
10
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
11
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
12
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
13
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
14
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
15
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
16
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
17
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
18
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
19
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
20
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
21
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
22
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
23
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
24
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
25
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
26
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
27
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
28
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
29
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
30
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
31
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
32
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
33
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
34
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
35
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
36
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
37
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
38
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
39
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
40
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42043, GHSA-pmwg-cvhr-8vh7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5mmh-tc9h-gkcu
4
url VCID-63u5-xwj2-6bgd
vulnerability_id VCID-63u5-xwj2-6bgd
summary axios is vulnerable to Inefficient Regular Expression Complexity
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3749.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3749.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3749
reference_id
reference_type
scores
0
value 0.08894
scoring_system epss
scoring_elements 0.92777
published_at 2026-06-14T12:55:00Z
1
value 0.08894
scoring_system epss
scoring_elements 0.92749
published_at 2026-06-11T12:55:00Z
2
value 0.08894
scoring_system epss
scoring_elements 0.92774
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3749
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3749
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3749
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929
5
reference_url https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31
6
reference_url https://lists.apache.org/thread.html/r075d464dce95cd13c03ff9384658edcccd5ab2983b82bfc72b62bb10@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r075d464dce95cd13c03ff9384658edcccd5ab2983b82bfc72b62bb10@%3Ccommits.druid.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2@%3Ccommits.druid.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r3ae6d2654f92c5851bdb73b35e96b0e4e3da39f28ac7a1b15ae3aab8@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3ae6d2654f92c5851bdb73b35e96b0e4e3da39f28ac7a1b15ae3aab8@%3Ccommits.druid.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r4bf1b32983f50be00f9752214c1b53738b621be1c2b0dbd68c7f2391@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4bf1b32983f50be00f9752214c1b53738b621be1c2b0dbd68c7f2391@%3Ccommits.druid.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1@%3Ccommits.druid.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r74d0b359408fff31f87445261f0ee13bdfcac7d66f6b8e846face321@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r74d0b359408fff31f87445261f0ee13bdfcac7d66f6b8e846face321@%3Ccommits.druid.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/ra15d63c54dc6474b29f72ae4324bcb03038758545b3ab800845de7a1@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra15d63c54dc6474b29f72ae4324bcb03038758545b3ab800845de7a1@%3Ccommits.druid.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rc263bfc5b53afcb7e849605478d73f5556eb0c00d1f912084e407289@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc263bfc5b53afcb7e849605478d73f5556eb0c00d1f912084e407289@%3Ccommits.druid.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rfa094029c959da0f7c8cd7dc9c4e59d21b03457bf0cedf6c93e1bb0a@%3Cdev.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfa094029c959da0f7c8cd7dc9c4e59d21b03457bf0cedf6c93e1bb0a@%3Cdev.druid.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103@%3Ccommits.druid.apache.org%3E
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3749
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3749
17
reference_url https://www.npmjs.com/package/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/axios
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999784
reference_id 1999784
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999784
19
reference_url https://github.com/advisories/GHSA-cph5-m8f7-6c5x
reference_id GHSA-cph5-m8f7-6c5x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cph5-m8f7-6c5x
20
reference_url https://access.redhat.com/errata/RHSA-2021:3694
reference_id RHSA-2021:3694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3694
21
reference_url https://access.redhat.com/errata/RHSA-2021:4902
reference_id RHSA-2021:4902
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4902
22
reference_url https://access.redhat.com/errata/RHSA-2022:0056
reference_id RHSA-2022:0056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0056
23
reference_url https://access.redhat.com/errata/RHSA-2022:1276
reference_id RHSA-2022:1276
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1276
fixed_packages
0
url pkg:npm/axios@0.21.2
purl pkg:npm/axios@0.21.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-6b7c-jgtj-63eu
6
vulnerability VCID-92q4-fhsk-5bd9
7
vulnerability VCID-a346-zp6f-d7f7
8
vulnerability VCID-f821-yte2-pkbj
9
vulnerability VCID-h2m2-qvbh-47hy
10
vulnerability VCID-jpp8-3u2p-8qfn
11
vulnerability VCID-qxwf-qv1y-n7aq
12
vulnerability VCID-s4uw-vmgd-jkd5
13
vulnerability VCID-shja-phfk-1ua7
14
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.21.2
aliases CVE-2021-3749, GHSA-cph5-m8f7-6c5x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-63u5-xwj2-6bgd
5
url VCID-6a8h-2wvu-g7en
vulnerability_id VCID-6a8h-2wvu-g7en
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62718.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-62718
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.2144
published_at 2026-06-14T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21466
published_at 2026-06-13T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21454
published_at 2026-06-12T12:55:00Z
3
value 0.00069
scoring_system epss
scoring_elements 0.2127
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-62718
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62718
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
reference_id 03cdfc99e8db32a390e12128208b6778492cee9c
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
6
reference_url https://github.com/axios/axios/pull/10661
reference_id 10661
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/pull/10661
7
reference_url https://github.com/axios/axios/pull/10688
reference_id 10688
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/pull/10688
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456913
reference_id 2456913
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456913
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-62718
reference_id CVE-2025-62718
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-62718
10
reference_url https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df
reference_id fb3befb6daac6cad26b2e54094d0f2d9e47f24df
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df
11
reference_url https://github.com/advisories/GHSA-3p68-rc4w-qgx5
reference_id GHSA-3p68-rc4w-qgx5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3p68-rc4w-qgx5
12
reference_url https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5
reference_id GHSA-3p68-rc4w-qgx5
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5
13
reference_url https://datatracker.ietf.org/doc/html/rfc1034#section-3.1
reference_id rfc1034#section-3.1
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://datatracker.ietf.org/doc/html/rfc1034#section-3.1
14
reference_url https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2
reference_id rfc3986#section-3.2.2
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2
15
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
16
reference_url https://access.redhat.com/errata/RHSA-2026:13571
reference_id RHSA-2026:13571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13571
17
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
18
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
19
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
20
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
21
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
22
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
23
reference_url https://access.redhat.com/errata/RHSA-2026:19712
reference_id RHSA-2026:19712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19712
24
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
25
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
26
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
27
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
28
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
29
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
30
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
31
reference_url https://access.redhat.com/errata/RHSA-2026:24471
reference_id RHSA-2026:24471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24471
32
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
33
reference_url https://access.redhat.com/errata/RHSA-2026:24766
reference_id RHSA-2026:24766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24766
34
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
35
reference_url https://access.redhat.com/errata/RHSA-2026:24866
reference_id RHSA-2026:24866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24866
36
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
37
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
38
reference_url https://access.redhat.com/errata/RHSA-2026:8484
reference_id RHSA-2026:8484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8484
39
reference_url https://access.redhat.com/errata/RHSA-2026:8490
reference_id RHSA-2026:8490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8490
40
reference_url https://access.redhat.com/errata/RHSA-2026:8491
reference_id RHSA-2026:8491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8491
41
reference_url https://access.redhat.com/errata/RHSA-2026:8493
reference_id RHSA-2026:8493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8493
42
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
43
reference_url https://github.com/axios/axios/releases/tag/v0.31.0
reference_id v0.31.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/releases/tag/v0.31.0
44
reference_url https://github.com/axios/axios/releases/tag/v1.15.0
reference_id v1.15.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/releases/tag/v1.15.0
fixed_packages
0
url pkg:npm/axios@0.31.0
purl pkg:npm/axios@0.31.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-92q4-fhsk-5bd9
5
vulnerability VCID-a346-zp6f-d7f7
6
vulnerability VCID-h2m2-qvbh-47hy
7
vulnerability VCID-qxwf-qv1y-n7aq
8
vulnerability VCID-s4uw-vmgd-jkd5
9
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.0
1
url pkg:npm/axios@1.0.0-alpha.1
purl pkg:npm/axios@1.0.0-alpha.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.0.0-alpha.1
2
url pkg:npm/axios@1.15.0
purl pkg:npm/axios@1.15.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-7mzn-tmtx-q7dh
5
vulnerability VCID-92q4-fhsk-5bd9
6
vulnerability VCID-a346-zp6f-d7f7
7
vulnerability VCID-ef6h-8mvv-tqgb
8
vulnerability VCID-h2m2-qvbh-47hy
9
vulnerability VCID-qxwf-qv1y-n7aq
10
vulnerability VCID-s4uw-vmgd-jkd5
11
vulnerability VCID-zdx2-huy6-sqce
12
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.0
aliases CVE-2025-62718, GHSA-3p68-rc4w-qgx5
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6a8h-2wvu-g7en
6
url VCID-6b7c-jgtj-63eu
vulnerability_id VCID-6b7c-jgtj-63eu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27152.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27152.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27152
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43845
published_at 2026-06-11T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.44008
published_at 2026-06-14T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.4402
published_at 2026-06-13T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.44
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27152
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27152
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/commit/02c3c69ced0f8fd86407c23203835892313d7fde
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/02c3c69ced0f8fd86407c23203835892313d7fde
6
reference_url https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f
7
reference_url https://github.com/axios/axios/pull/6829
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/6829
8
reference_url https://github.com/axios/axios/releases/tag/v1.8.2
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/releases/tag/v1.8.2
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-27152
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-27152
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102223
reference_id 1102223
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102223
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2350618
reference_id 2350618
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2350618
12
reference_url https://github.com/axios/axios/issues/6463
reference_id 6463
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T19:32:00Z/
url https://github.com/axios/axios/issues/6463
13
reference_url https://github.com/advisories/GHSA-jr5f-v2jv-69x6
reference_id GHSA-jr5f-v2jv-69x6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jr5f-v2jv-69x6
14
reference_url https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6
reference_id GHSA-jr5f-v2jv-69x6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T19:32:00Z/
url https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6
fixed_packages
0
url pkg:npm/axios@0.30.0
purl pkg:npm/axios@0.30.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-92q4-fhsk-5bd9
6
vulnerability VCID-a346-zp6f-d7f7
7
vulnerability VCID-f821-yte2-pkbj
8
vulnerability VCID-g4m2-6ftk-bbaa
9
vulnerability VCID-h2m2-qvbh-47hy
10
vulnerability VCID-jpp8-3u2p-8qfn
11
vulnerability VCID-qxwf-qv1y-n7aq
12
vulnerability VCID-s4uw-vmgd-jkd5
13
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.30.0
1
url pkg:npm/axios@1.0.0-alpha.1
purl pkg:npm/axios@1.0.0-alpha.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.0.0-alpha.1
2
url pkg:npm/axios@1.8.2
purl pkg:npm/axios@1.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-7mzn-tmtx-q7dh
6
vulnerability VCID-92q4-fhsk-5bd9
7
vulnerability VCID-a346-zp6f-d7f7
8
vulnerability VCID-ef6h-8mvv-tqgb
9
vulnerability VCID-f821-yte2-pkbj
10
vulnerability VCID-g4m2-6ftk-bbaa
11
vulnerability VCID-h2m2-qvbh-47hy
12
vulnerability VCID-jpp8-3u2p-8qfn
13
vulnerability VCID-qxwf-qv1y-n7aq
14
vulnerability VCID-s4uw-vmgd-jkd5
15
vulnerability VCID-zdx2-huy6-sqce
16
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.8.2
aliases CVE-2025-27152, GHSA-jr5f-v2jv-69x6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6b7c-jgtj-63eu
7
url VCID-92q4-fhsk-5bd9
vulnerability_id VCID-92q4-fhsk-5bd9
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter (lib/adapters/http.js) that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type checking of the data payload, where if Object.prototype is polluted with getHeaders, append, pipe, on, once, and Symbol.toStringTag, Axios misidentifies any plain object payload as a FormData instance and calls the attacker-controlled getHeaders() function, merging the returned headers into the outgoing request. The vulnerable code resides exclusively in lib/adapters/http.js. The prototype pollution source does not need to originate from Axios itself — any prototype pollution primitive in any dependency in the application's dependency tree is sufficient to trigger this gadget. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42035.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42035.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42035
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.15307
published_at 2026-06-12T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.15279
published_at 2026-06-14T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.15179
published_at 2026-06-11T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.15314
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42035
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42035
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42035
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42035
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461606
reference_id 2461606
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461606
7
reference_url https://github.com/advisories/GHSA-6chq-wfr3-2hj9
reference_id GHSA-6chq-wfr3-2hj9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6chq-wfr3-2hj9
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9
reference_id GHSA-6chq-wfr3-2hj9
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T18:07:43Z/
url https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9
9
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
10
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
11
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
12
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
13
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
14
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
15
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
16
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
17
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
18
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
19
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
20
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
21
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
22
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
23
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
24
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
25
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
26
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
27
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
28
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
29
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
30
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
31
reference_url https://access.redhat.com/errata/RHSA-2026:24471
reference_id RHSA-2026:24471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24471
32
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
33
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
34
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
35
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
36
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
37
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
38
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
39
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42035, GHSA-6chq-wfr3-2hj9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92q4-fhsk-5bd9
8
url VCID-a346-zp6f-d7f7
vulnerability_id VCID-a346-zp6f-d7f7
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library's XSRF token protection logic uses JavaScript truthy/falsy semantics instead of strict boolean comparison for the withXSRFToken config property. When this property is set to any truthy non-boolean value (via prototype pollution or misconfiguration), the same-origin check (isURLSameOrigin) is short-circuited, causing XSRF tokens to be sent to all request targets including cross-origin servers controlled by an attacker. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42042.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42042.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42042
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20555
published_at 2026-06-12T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20554
published_at 2026-06-14T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20378
published_at 2026-06-11T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20576
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42042
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42042
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42042
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42042
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42042
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461637
reference_id 2461637
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461637
7
reference_url https://github.com/advisories/GHSA-xx6v-rp6x-q39c
reference_id GHSA-xx6v-rp6x-q39c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xx6v-rp6x-q39c
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-xx6v-rp6x-q39c
reference_id GHSA-xx6v-rp6x-q39c
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T17:35:32Z/
url https://github.com/axios/axios/security/advisories/GHSA-xx6v-rp6x-q39c
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42042, GHSA-xx6v-rp6x-q39c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a346-zp6f-d7f7
9
url VCID-f821-yte2-pkbj
vulnerability_id VCID-f821-yte2-pkbj
summary Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This vulnerability is fixed in 1.15.0 and 0.3.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40175.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40175.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40175
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.20034
published_at 2026-06-14T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.20059
published_at 2026-06-13T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.2004
published_at 2026-06-12T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19867
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40175
2
reference_url https://cert-portal.siemens.com/productcert/html/ssa-876049.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-876049.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40175
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40175
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/pull/10660#issuecomment-4224168081
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/10660#issuecomment-4224168081
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-40175
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-40175
7
reference_url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
reference_id 03cdfc99e8db32a390e12128208b6778492cee9c
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
8
reference_url https://github.com/axios/axios/pull/10660
reference_id 10660
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/pull/10660
9
reference_url https://github.com/axios/axios/pull/10688
reference_id 10688
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/pull/10688
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457432
reference_id 2457432
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457432
11
reference_url https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1
reference_id 363185461b90b1b78845dc8a99a1f103d9b122a1
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1
12
reference_url https://github.com/advisories/GHSA-fvcv-3m26-pcqx
reference_id GHSA-fvcv-3m26-pcqx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fvcv-3m26-pcqx
13
reference_url https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx
reference_id GHSA-fvcv-3m26-pcqx
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx
14
reference_url https://access.redhat.com/errata/RHSA-2026:10104
reference_id RHSA-2026:10104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10104
15
reference_url https://access.redhat.com/errata/RHSA-2026:10153
reference_id RHSA-2026:10153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10153
16
reference_url https://access.redhat.com/errata/RHSA-2026:10172
reference_id RHSA-2026:10172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10172
17
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
18
reference_url https://access.redhat.com/errata/RHSA-2026:11414
reference_id RHSA-2026:11414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11414
19
reference_url https://access.redhat.com/errata/RHSA-2026:13542
reference_id RHSA-2026:13542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13542
20
reference_url https://access.redhat.com/errata/RHSA-2026:13548
reference_id RHSA-2026:13548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13548
21
reference_url https://access.redhat.com/errata/RHSA-2026:13571
reference_id RHSA-2026:13571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13571
22
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
23
reference_url https://access.redhat.com/errata/RHSA-2026:14774
reference_id RHSA-2026:14774
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14774
24
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
25
reference_url https://access.redhat.com/errata/RHSA-2026:15091
reference_id RHSA-2026:15091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:15091
26
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
27
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
28
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
29
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
30
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
31
reference_url https://access.redhat.com/errata/RHSA-2026:19712
reference_id RHSA-2026:19712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19712
32
reference_url https://access.redhat.com/errata/RHSA-2026:20041
reference_id RHSA-2026:20041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20041
33
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
34
reference_url https://access.redhat.com/errata/RHSA-2026:24762
reference_id RHSA-2026:24762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24762
35
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
36
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
37
reference_url https://access.redhat.com/errata/RHSA-2026:8484
reference_id RHSA-2026:8484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8484
38
reference_url https://access.redhat.com/errata/RHSA-2026:8490
reference_id RHSA-2026:8490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8490
39
reference_url https://access.redhat.com/errata/RHSA-2026:8491
reference_id RHSA-2026:8491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8491
40
reference_url https://access.redhat.com/errata/RHSA-2026:8493
reference_id RHSA-2026:8493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8493
41
reference_url https://access.redhat.com/errata/RHSA-2026:8499
reference_id RHSA-2026:8499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8499
42
reference_url https://access.redhat.com/errata/RHSA-2026:8500
reference_id RHSA-2026:8500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8500
43
reference_url https://access.redhat.com/errata/RHSA-2026:8501
reference_id RHSA-2026:8501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8501
44
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
45
reference_url https://github.com/axios/axios/releases/tag/v0.31.0
reference_id v0.31.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/releases/tag/v0.31.0
46
reference_url https://github.com/axios/axios/releases/tag/v1.15.0
reference_id v1.15.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/releases/tag/v1.15.0
fixed_packages
0
url pkg:npm/axios@0.31.0
purl pkg:npm/axios@0.31.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-92q4-fhsk-5bd9
5
vulnerability VCID-a346-zp6f-d7f7
6
vulnerability VCID-h2m2-qvbh-47hy
7
vulnerability VCID-qxwf-qv1y-n7aq
8
vulnerability VCID-s4uw-vmgd-jkd5
9
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.0
1
url pkg:npm/axios@1.0.0-alpha.1
purl pkg:npm/axios@1.0.0-alpha.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.0.0-alpha.1
2
url pkg:npm/axios@1.15.0
purl pkg:npm/axios@1.15.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-7mzn-tmtx-q7dh
5
vulnerability VCID-92q4-fhsk-5bd9
6
vulnerability VCID-a346-zp6f-d7f7
7
vulnerability VCID-ef6h-8mvv-tqgb
8
vulnerability VCID-h2m2-qvbh-47hy
9
vulnerability VCID-qxwf-qv1y-n7aq
10
vulnerability VCID-s4uw-vmgd-jkd5
11
vulnerability VCID-zdx2-huy6-sqce
12
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.0
aliases CVE-2026-40175, GHSA-fvcv-3m26-pcqx
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f821-yte2-pkbj
10
url VCID-h2m2-qvbh-47hy
vulnerability_id VCID-h2m2-qvbh-47hy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42041.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42041
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20525
published_at 2026-06-12T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20522
published_at 2026-06-14T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20545
published_at 2026-06-13T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20348
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42041
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42041
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42041
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42041
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461629
reference_id 2461629
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461629
8
reference_url https://github.com/advisories/GHSA-w9j2-pvgh-6h63
reference_id GHSA-w9j2-pvgh-6h63
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w9j2-pvgh-6h63
9
reference_url https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63
reference_id GHSA-w9j2-pvgh-6h63
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:29:47Z/
url https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63
10
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
11
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
12
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
13
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
14
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
15
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
16
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
17
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
18
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
19
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
20
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
21
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
22
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
23
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
24
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
25
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
26
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
27
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
28
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
29
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
30
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
31
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
32
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
33
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
34
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
35
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
36
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
37
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
38
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
39
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
40
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42041, GHSA-w9j2-pvgh-6h63
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h2m2-qvbh-47hy
11
url VCID-jpp8-3u2p-8qfn
vulnerability_id VCID-jpp8-3u2p-8qfn
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25639.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25639.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25639
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.32051
published_at 2026-06-14T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.3187
published_at 2026-06-11T12:55:00Z
2
value 0.00129
scoring_system epss
scoring_elements 0.32056
published_at 2026-06-12T12:55:00Z
3
value 0.00129
scoring_system epss
scoring_elements 0.32072
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25639
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25639
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25639
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127907
reference_id 1127907
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127907
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2438237
reference_id 2438237
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2438237
6
reference_url https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57
reference_id 28c721588c7a77e7503d0a434e016f852c597b57
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57
7
reference_url https://github.com/axios/axios/pull/7369
reference_id 7369
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/pull/7369
8
reference_url https://github.com/axios/axios/pull/7388
reference_id 7388
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/pull/7388
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25639
reference_id CVE-2026-25639
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25639
10
reference_url https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e
reference_id d7ff1409c68168d3057fc3891f911b2b92616f9e
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e
11
reference_url https://github.com/advisories/GHSA-43fc-jf86-j433
reference_id GHSA-43fc-jf86-j433
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43fc-jf86-j433
12
reference_url https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433
reference_id GHSA-43fc-jf86-j433
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433
13
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
14
reference_url https://access.redhat.com/errata/RHSA-2026:11414
reference_id RHSA-2026:11414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11414
15
reference_url https://access.redhat.com/errata/RHSA-2026:13542
reference_id RHSA-2026:13542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13542
16
reference_url https://access.redhat.com/errata/RHSA-2026:13548
reference_id RHSA-2026:13548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13548
17
reference_url https://access.redhat.com/errata/RHSA-2026:19712
reference_id RHSA-2026:19712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19712
18
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
19
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
20
reference_url https://access.redhat.com/errata/RHSA-2026:3087
reference_id RHSA-2026:3087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3087
21
reference_url https://access.redhat.com/errata/RHSA-2026:3105
reference_id RHSA-2026:3105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3105
22
reference_url https://access.redhat.com/errata/RHSA-2026:3106
reference_id RHSA-2026:3106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3106
23
reference_url https://access.redhat.com/errata/RHSA-2026:3107
reference_id RHSA-2026:3107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3107
24
reference_url https://access.redhat.com/errata/RHSA-2026:3109
reference_id RHSA-2026:3109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3109
25
reference_url https://access.redhat.com/errata/RHSA-2026:4942
reference_id RHSA-2026:4942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4942
26
reference_url https://access.redhat.com/errata/RHSA-2026:5142
reference_id RHSA-2026:5142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5142
27
reference_url https://access.redhat.com/errata/RHSA-2026:5168
reference_id RHSA-2026:5168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5168
28
reference_url https://access.redhat.com/errata/RHSA-2026:5174
reference_id RHSA-2026:5174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5174
29
reference_url https://access.redhat.com/errata/RHSA-2026:5633
reference_id RHSA-2026:5633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5633
30
reference_url https://access.redhat.com/errata/RHSA-2026:5636
reference_id RHSA-2026:5636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5636
31
reference_url https://access.redhat.com/errata/RHSA-2026:5665
reference_id RHSA-2026:5665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5665
32
reference_url https://access.redhat.com/errata/RHSA-2026:5807
reference_id RHSA-2026:5807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5807
33
reference_url https://access.redhat.com/errata/RHSA-2026:6170
reference_id RHSA-2026:6170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6170
34
reference_url https://access.redhat.com/errata/RHSA-2026:6174
reference_id RHSA-2026:6174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6174
35
reference_url https://access.redhat.com/errata/RHSA-2026:6192
reference_id RHSA-2026:6192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6192
36
reference_url https://access.redhat.com/errata/RHSA-2026:6277
reference_id RHSA-2026:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6277
37
reference_url https://access.redhat.com/errata/RHSA-2026:6308
reference_id RHSA-2026:6308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6308
38
reference_url https://access.redhat.com/errata/RHSA-2026:6309
reference_id RHSA-2026:6309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6309
39
reference_url https://access.redhat.com/errata/RHSA-2026:6404
reference_id RHSA-2026:6404
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6404
40
reference_url https://access.redhat.com/errata/RHSA-2026:6428
reference_id RHSA-2026:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6428
41
reference_url https://access.redhat.com/errata/RHSA-2026:6497
reference_id RHSA-2026:6497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6497
42
reference_url https://access.redhat.com/errata/RHSA-2026:6567
reference_id RHSA-2026:6567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6567
43
reference_url https://access.redhat.com/errata/RHSA-2026:6568
reference_id RHSA-2026:6568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6568
44
reference_url https://access.redhat.com/errata/RHSA-2026:6802
reference_id RHSA-2026:6802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6802
45
reference_url https://access.redhat.com/errata/RHSA-2026:7249
reference_id RHSA-2026:7249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7249
46
reference_url https://access.redhat.com/errata/RHSA-2026:8218
reference_id RHSA-2026:8218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8218
47
reference_url https://access.redhat.com/errata/RHSA-2026:8229
reference_id RHSA-2026:8229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8229
48
reference_url https://access.redhat.com/errata/RHSA-2026:8499
reference_id RHSA-2026:8499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8499
49
reference_url https://access.redhat.com/errata/RHSA-2026:8500
reference_id RHSA-2026:8500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8500
50
reference_url https://access.redhat.com/errata/RHSA-2026:8501
reference_id RHSA-2026:8501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8501
51
reference_url https://access.redhat.com/errata/RHSA-2026:9848
reference_id RHSA-2026:9848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9848
52
reference_url https://github.com/axios/axios/releases/tag/v0.30.3
reference_id v0.30.3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/releases/tag/v0.30.3
53
reference_url https://github.com/axios/axios/releases/tag/v1.13.5
reference_id v1.13.5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/releases/tag/v1.13.5
fixed_packages
0
url pkg:npm/axios@0.30.3
purl pkg:npm/axios@0.30.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-92q4-fhsk-5bd9
6
vulnerability VCID-a346-zp6f-d7f7
7
vulnerability VCID-f821-yte2-pkbj
8
vulnerability VCID-h2m2-qvbh-47hy
9
vulnerability VCID-qxwf-qv1y-n7aq
10
vulnerability VCID-s4uw-vmgd-jkd5
11
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.30.3
1
url pkg:npm/axios@1.0.0-alpha.1
purl pkg:npm/axios@1.0.0-alpha.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.0.0-alpha.1
2
url pkg:npm/axios@1.13.5
purl pkg:npm/axios@1.13.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-7mzn-tmtx-q7dh
6
vulnerability VCID-92q4-fhsk-5bd9
7
vulnerability VCID-a346-zp6f-d7f7
8
vulnerability VCID-ef6h-8mvv-tqgb
9
vulnerability VCID-f821-yte2-pkbj
10
vulnerability VCID-h2m2-qvbh-47hy
11
vulnerability VCID-qxwf-qv1y-n7aq
12
vulnerability VCID-s4uw-vmgd-jkd5
13
vulnerability VCID-zdx2-huy6-sqce
14
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.13.5
aliases CVE-2026-25639, GHSA-43fc-jf86-j433
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jpp8-3u2p-8qfn
12
url VCID-qquu-7fg9-6bgw
vulnerability_id VCID-qquu-7fg9-6bgw
summary Denial of Service in axios
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10742
reference_id
reference_type
scores
0
value 0.1309
scoring_system epss
scoring_elements 0.94272
published_at 2026-06-11T12:55:00Z
1
value 0.1309
scoring_system epss
scoring_elements 0.94299
published_at 2026-06-14T12:55:00Z
2
value 0.1309
scoring_system epss
scoring_elements 0.94296
published_at 2026-06-13T12:55:00Z
3
value 0.1309
scoring_system epss
scoring_elements 0.94292
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10742
1
reference_url https://app.snyk.io/vuln/SNYK-JS-AXIOS-174505
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://app.snyk.io/vuln/SNYK-JS-AXIOS-174505
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10742
3
reference_url https://github.com/axios/axios/commit/acabfbdf00a58bb866c9d070e8a10d1d0dbeb572
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/acabfbdf00a58bb866c9d070e8a10d1d0dbeb572
4
reference_url https://github.com/axios/axios/issues/1098
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/issues/1098
5
reference_url https://github.com/axios/axios/pull/1485
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/1485
6
reference_url https://snyk.io/vuln/SNYK-JS-AXIOS-174505
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-AXIOS-174505
7
reference_url https://www.npmjs.com/advisories/880
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/880
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928624
reference_id 928624
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928624
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10742
reference_id CVE-2019-10742
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10742
10
reference_url https://github.com/advisories/GHSA-42xw-2xvc-qx8m
reference_id GHSA-42xw-2xvc-qx8m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-42xw-2xvc-qx8m
fixed_packages
0
url pkg:npm/axios@0.18.1
purl pkg:npm/axios@0.18.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-63u5-xwj2-6bgd
5
vulnerability VCID-6a8h-2wvu-g7en
6
vulnerability VCID-6b7c-jgtj-63eu
7
vulnerability VCID-92q4-fhsk-5bd9
8
vulnerability VCID-a346-zp6f-d7f7
9
vulnerability VCID-f821-yte2-pkbj
10
vulnerability VCID-h2m2-qvbh-47hy
11
vulnerability VCID-jpp8-3u2p-8qfn
12
vulnerability VCID-qxwf-qv1y-n7aq
13
vulnerability VCID-s4uw-vmgd-jkd5
14
vulnerability VCID-shja-phfk-1ua7
15
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.18.1
1
url pkg:npm/axios@0.19.0-beta.1
purl pkg:npm/axios@0.19.0-beta.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-63u5-xwj2-6bgd
5
vulnerability VCID-6a8h-2wvu-g7en
6
vulnerability VCID-6b7c-jgtj-63eu
7
vulnerability VCID-92q4-fhsk-5bd9
8
vulnerability VCID-a346-zp6f-d7f7
9
vulnerability VCID-f821-yte2-pkbj
10
vulnerability VCID-h2m2-qvbh-47hy
11
vulnerability VCID-jpp8-3u2p-8qfn
12
vulnerability VCID-qxwf-qv1y-n7aq
13
vulnerability VCID-s4uw-vmgd-jkd5
14
vulnerability VCID-shja-phfk-1ua7
15
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.19.0-beta.1
aliases CVE-2019-10742, GHSA-42xw-2xvc-qx8m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qquu-7fg9-6bgw
13
url VCID-qxwf-qv1y-n7aq
vulnerability_id VCID-qxwf-qv1y-n7aq
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, for stream request bodies, maxBodyLength is bypassed when maxRedirects is set to 0 (native http/https transport path). Oversized streamed uploads are sent fully even when the caller sets strict body limits. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42034.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42034.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42034
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26744
published_at 2026-06-13T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26729
published_at 2026-06-14T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26529
published_at 2026-06-11T12:55:00Z
3
value 0.00096
scoring_system epss
scoring_elements 0.2673
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42034
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42034
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42034
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42034
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42034
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461623
reference_id 2461623
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461623
7
reference_url https://github.com/advisories/GHSA-5c9x-8gcm-mpgx
reference_id GHSA-5c9x-8gcm-mpgx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5c9x-8gcm-mpgx
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-5c9x-8gcm-mpgx
reference_id GHSA-5c9x-8gcm-mpgx
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:12:43Z/
url https://github.com/axios/axios/security/advisories/GHSA-5c9x-8gcm-mpgx
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42034, GHSA-5c9x-8gcm-mpgx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxwf-qv1y-n7aq
14
url VCID-s4uw-vmgd-jkd5
vulnerability_id VCID-s4uw-vmgd-jkd5
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can (a) silently intercept and modify every JSON response before the application sees it, or (b) fully hijack the underlying HTTP transport, gaining access to request credentials, headers, and body. The precondition is prototype pollution from a separate source in the same process. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42033.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42033.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42033
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18872
published_at 2026-06-13T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18848
published_at 2026-06-14T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.1869
published_at 2026-06-11T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18853
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42033
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42033
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42033
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42033
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461607
reference_id 2461607
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461607
7
reference_url https://github.com/advisories/GHSA-pf86-5x62-jrwf
reference_id GHSA-pf86-5x62-jrwf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pf86-5x62-jrwf
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf
reference_id GHSA-pf86-5x62-jrwf
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T18:28:14Z/
url https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf
9
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
10
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
11
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
12
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
13
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
14
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
15
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
16
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
17
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
18
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
19
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
20
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
21
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
22
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
23
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
24
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
25
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
26
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
27
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
28
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
29
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
30
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
31
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
32
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
33
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
34
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
35
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
36
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
37
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
38
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
39
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42033, GHSA-pf86-5x62-jrwf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s4uw-vmgd-jkd5
15
url VCID-shja-phfk-1ua7
vulnerability_id VCID-shja-phfk-1ua7
summary An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45857.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45857
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47675
published_at 2026-06-12T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47672
published_at 2026-06-14T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47535
published_at 2026-06-11T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47691
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45857
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45857
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://github.com/axios/axios/commit/2755df562b9c194fba6d8b609a383443f6a6e967
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/2755df562b9c194fba6d8b609a383443f6a6e967
5
reference_url https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0
6
reference_url https://github.com/axios/axios/issues/6022
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/issues/6022
7
reference_url https://github.com/axios/axios/pull/6028
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/6028
8
reference_url https://github.com/axios/axios/pull/6091
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/6091
9
reference_url https://github.com/axios/axios/releases/tag/v0.28.0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/releases/tag/v0.28.0
10
reference_url https://github.com/axios/axios/releases/tag/v1.6.0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/releases/tag/v1.6.0
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-45857
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-45857
12
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
13
reference_url https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056099
reference_id 1056099
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056099
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2248979
reference_id 2248979
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2248979
16
reference_url https://github.com/axios/axios/issues/6006
reference_id 6006
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-04T15:13:57Z/
url https://github.com/axios/axios/issues/6006
17
reference_url https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
reference_id GHSA-wf5p-g6vw-rhxx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
18
reference_url https://security.netapp.com/advisory/ntap-20240621-0006/
reference_id ntap-20240621-0006
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-04T15:13:57Z/
url https://security.netapp.com/advisory/ntap-20240621-0006/
19
reference_url https://access.redhat.com/errata/RHSA-2024:1640
reference_id RHSA-2024:1640
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1640
20
reference_url https://access.redhat.com/errata/RHSA-2024:1925
reference_id RHSA-2024:1925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1925
21
reference_url https://access.redhat.com/errata/RHSA-2024:3314
reference_id RHSA-2024:3314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3314
22
reference_url https://access.redhat.com/errata/RHSA-2024:3316
reference_id RHSA-2024:3316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3316
23
reference_url https://access.redhat.com/errata/RHSA-2024:3473
reference_id RHSA-2024:3473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3473
24
reference_url https://access.redhat.com/errata/RHSA-2024:3920
reference_id RHSA-2024:3920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3920
25
reference_url https://access.redhat.com/errata/RHSA-2024:3989
reference_id RHSA-2024:3989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3989
26
reference_url https://access.redhat.com/errata/RHSA-2024:4269
reference_id RHSA-2024:4269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4269
27
reference_url https://access.redhat.com/errata/RHSA-2024:4455
reference_id RHSA-2024:4455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4455
28
reference_url https://access.redhat.com/errata/RHSA-2024:5314
reference_id RHSA-2024:5314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5314
29
reference_url https://access.redhat.com/errata/RHSA-2025:2876
reference_id RHSA-2025:2876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2876
fixed_packages
0
url pkg:npm/axios@0.28.0
purl pkg:npm/axios@0.28.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-6b7c-jgtj-63eu
6
vulnerability VCID-92q4-fhsk-5bd9
7
vulnerability VCID-a346-zp6f-d7f7
8
vulnerability VCID-f821-yte2-pkbj
9
vulnerability VCID-g4m2-6ftk-bbaa
10
vulnerability VCID-h2m2-qvbh-47hy
11
vulnerability VCID-jpp8-3u2p-8qfn
12
vulnerability VCID-qxwf-qv1y-n7aq
13
vulnerability VCID-s4uw-vmgd-jkd5
14
vulnerability VCID-zdx2-huy6-sqce
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.28.0
1
url pkg:npm/axios@1.0.0-alpha.1
purl pkg:npm/axios@1.0.0-alpha.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.0.0-alpha.1
2
url pkg:npm/axios@1.6.0
purl pkg:npm/axios@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-6b7c-jgtj-63eu
6
vulnerability VCID-7mzn-tmtx-q7dh
7
vulnerability VCID-92q4-fhsk-5bd9
8
vulnerability VCID-a346-zp6f-d7f7
9
vulnerability VCID-ef6h-8mvv-tqgb
10
vulnerability VCID-f821-yte2-pkbj
11
vulnerability VCID-g4m2-6ftk-bbaa
12
vulnerability VCID-h2m2-qvbh-47hy
13
vulnerability VCID-jpp8-3u2p-8qfn
14
vulnerability VCID-qxwf-qv1y-n7aq
15
vulnerability VCID-s4uw-vmgd-jkd5
16
vulnerability VCID-ydef-vukd-8qhf
17
vulnerability VCID-zdx2-huy6-sqce
18
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.6.0
aliases CVE-2023-45857, GHSA-wf5p-g6vw-rhxx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shja-phfk-1ua7
16
url VCID-zdx2-huy6-sqce
vulnerability_id VCID-zdx2-huy6-sqce
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42039.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42039.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42039
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.0949
published_at 2026-06-12T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09472
published_at 2026-06-14T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09483
published_at 2026-06-13T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09435
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42039
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42039
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/commit/85132ffba1a77609ea5d101c8a413dea7174932f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/85132ffba1a77609ea5d101c8a413dea7174932f
6
reference_url https://github.com/axios/axios/releases/tag/v1.15.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/releases/tag/v1.15.1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42039
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42039
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461630
reference_id 2461630
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461630
10
reference_url https://github.com/advisories/GHSA-62hf-57xw-28j9
reference_id GHSA-62hf-57xw-28j9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-62hf-57xw-28j9
11
reference_url https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9
reference_id GHSA-62hf-57xw-28j9
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:14:11Z/
url https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9
12
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
13
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
14
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
15
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
16
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
17
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
18
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
19
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
20
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
21
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
22
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
23
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
24
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
25
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
26
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
27
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
28
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
29
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
30
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
31
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
32
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
33
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
34
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
35
reference_url https://access.redhat.com/errata/RHSA-2026:24473
reference_id RHSA-2026:24473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24473
36
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
37
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
38
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
39
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
40
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
41
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
42
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
43
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@0.31.1
purl pkg:npm/axios@0.31.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7ayb-d1sc-kqhn
1
vulnerability VCID-bwhx-3sqd-sbdt
2
vulnerability VCID-mxxd-29jn-n3hz
3
vulnerability VCID-qzgk-6jrw-5bej
4
vulnerability VCID-tqqm-t9ab-vfec
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.31.1
1
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42039, GHSA-62hf-57xw-28j9
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdx2-huy6-sqce
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/axios@0.9.0