Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/axios@1.7.0-beta.2
Typenpm
Namespace
Nameaxios
Version1.7.0-beta.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.16.0
Latest_non_vulnerable_version1.16.0
Affected_by_vulnerabilities
0
url VCID-3rmd-rsjh-27hf
vulnerability_id VCID-3rmd-rsjh-27hf
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when responseType: 'stream' is used, Axios returns the response stream without enforcing maxContentLength. This bypasses configured response-size limits and allows unbounded downstream consumption. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42036.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42036
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.0949
published_at 2026-06-12T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09472
published_at 2026-06-14T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09435
published_at 2026-06-11T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09483
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42036
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42036
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42036
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42036
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461633
reference_id 2461633
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461633
7
reference_url https://github.com/advisories/GHSA-vf2m-468p-8v99
reference_id GHSA-vf2m-468p-8v99
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vf2m-468p-8v99
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-vf2m-468p-8v99
reference_id GHSA-vf2m-468p-8v99
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:30:17Z/
url https://github.com/axios/axios/security/advisories/GHSA-vf2m-468p-8v99
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42036, GHSA-vf2m-468p-8v99
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rmd-rsjh-27hf
1
url VCID-47b2-yz73-8ffw
vulnerability_id VCID-47b2-yz73-8ffw
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, he fix for no_proxy hostname normalization bypass is incomplete. When no_proxy=localhost is set, requests to 127.0.0.1 and [::1] still route through the proxy instead of bypassing it. The shouldBypassProxy() function does pure string matching — it does not resolve IP aliases or loopback equivalents. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42038.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42038.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42038
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.24295
published_at 2026-06-12T12:55:00Z
1
value 0.00082
scoring_system epss
scoring_elements 0.24286
published_at 2026-06-14T12:55:00Z
2
value 0.00082
scoring_system epss
scoring_elements 0.24099
published_at 2026-06-11T12:55:00Z
3
value 0.00082
scoring_system epss
scoring_elements 0.24305
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42038
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42038
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42038
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42038
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461634
reference_id 2461634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461634
7
reference_url https://github.com/advisories/GHSA-m7pr-hjqh-92cm
reference_id GHSA-m7pr-hjqh-92cm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m7pr-hjqh-92cm
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-m7pr-hjqh-92cm
reference_id GHSA-m7pr-hjqh-92cm
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:46:29Z/
url https://github.com/axios/axios/security/advisories/GHSA-m7pr-hjqh-92cm
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42038, GHSA-m7pr-hjqh-92cm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47b2-yz73-8ffw
2
url VCID-4n9q-ca4t-nkh5
vulnerability_id VCID-4n9q-ca4t-nkh5
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode() function in lib/helpers/AxiosURLSearchParams.js contains a character mapping (charMap) at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent('\x00') correctly produces the safe sequence %00, the charMap entry '%00': '\x00' converts it back to a raw null byte. Primary impact is limited because the standard axios request flow is not affected. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42040
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24386
published_at 2026-06-14T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24196
published_at 2026-06-11T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24403
published_at 2026-06-13T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24393
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42040
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42040
2
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42040
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42040
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
5
reference_url https://github.com/advisories/GHSA-xhjh-pmcv-23jw
reference_id GHSA-xhjh-pmcv-23jw
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xhjh-pmcv-23jw
6
reference_url https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw
reference_id GHSA-xhjh-pmcv-23jw
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:48:02Z/
url https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42040, GHSA-xhjh-pmcv-23jw
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4n9q-ca4t-nkh5
3
url VCID-5mmh-tc9h-gkcu
vulnerability_id VCID-5mmh-tc9h-gkcu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42043.json
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42043.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42043
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07985
published_at 2026-06-12T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07977
published_at 2026-06-14T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07981
published_at 2026-06-13T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07949
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42043
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42043
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42043
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42043
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42043
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461626
reference_id 2461626
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461626
8
reference_url https://github.com/advisories/GHSA-pmwg-cvhr-8vh7
reference_id GHSA-pmwg-cvhr-8vh7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pmwg-cvhr-8vh7
9
reference_url https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7
reference_id GHSA-pmwg-cvhr-8vh7
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-27T13:47:20Z/
url https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7
10
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
11
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
12
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
13
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
14
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
15
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
16
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
17
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
18
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
19
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
20
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
21
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
22
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
23
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
24
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
25
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
26
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
27
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
28
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
29
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
30
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
31
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
32
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
33
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
34
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
35
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
36
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
37
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
38
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
39
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
40
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42043, GHSA-pmwg-cvhr-8vh7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5mmh-tc9h-gkcu
4
url VCID-6a8h-2wvu-g7en
vulnerability_id VCID-6a8h-2wvu-g7en
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62718.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-62718
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.2144
published_at 2026-06-14T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21466
published_at 2026-06-13T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21454
published_at 2026-06-12T12:55:00Z
3
value 0.00069
scoring_system epss
scoring_elements 0.2127
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-62718
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62718
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
reference_id 03cdfc99e8db32a390e12128208b6778492cee9c
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
6
reference_url https://github.com/axios/axios/pull/10661
reference_id 10661
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/pull/10661
7
reference_url https://github.com/axios/axios/pull/10688
reference_id 10688
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/pull/10688
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456913
reference_id 2456913
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456913
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-62718
reference_id CVE-2025-62718
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-62718
10
reference_url https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df
reference_id fb3befb6daac6cad26b2e54094d0f2d9e47f24df
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df
11
reference_url https://github.com/advisories/GHSA-3p68-rc4w-qgx5
reference_id GHSA-3p68-rc4w-qgx5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3p68-rc4w-qgx5
12
reference_url https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5
reference_id GHSA-3p68-rc4w-qgx5
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5
13
reference_url https://datatracker.ietf.org/doc/html/rfc1034#section-3.1
reference_id rfc1034#section-3.1
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://datatracker.ietf.org/doc/html/rfc1034#section-3.1
14
reference_url https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2
reference_id rfc3986#section-3.2.2
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2
15
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
16
reference_url https://access.redhat.com/errata/RHSA-2026:13571
reference_id RHSA-2026:13571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13571
17
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
18
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
19
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
20
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
21
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
22
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
23
reference_url https://access.redhat.com/errata/RHSA-2026:19712
reference_id RHSA-2026:19712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19712
24
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
25
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
26
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
27
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
28
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
29
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
30
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
31
reference_url https://access.redhat.com/errata/RHSA-2026:24471
reference_id RHSA-2026:24471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24471
32
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
33
reference_url https://access.redhat.com/errata/RHSA-2026:24766
reference_id RHSA-2026:24766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24766
34
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
35
reference_url https://access.redhat.com/errata/RHSA-2026:24866
reference_id RHSA-2026:24866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24866
36
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
37
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
38
reference_url https://access.redhat.com/errata/RHSA-2026:8484
reference_id RHSA-2026:8484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8484
39
reference_url https://access.redhat.com/errata/RHSA-2026:8490
reference_id RHSA-2026:8490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8490
40
reference_url https://access.redhat.com/errata/RHSA-2026:8491
reference_id RHSA-2026:8491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8491
41
reference_url https://access.redhat.com/errata/RHSA-2026:8493
reference_id RHSA-2026:8493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8493
42
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
43
reference_url https://github.com/axios/axios/releases/tag/v0.31.0
reference_id v0.31.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/releases/tag/v0.31.0
44
reference_url https://github.com/axios/axios/releases/tag/v1.15.0
reference_id v1.15.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/releases/tag/v1.15.0
fixed_packages
0
url pkg:npm/axios@1.15.0
purl pkg:npm/axios@1.15.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-7mzn-tmtx-q7dh
5
vulnerability VCID-92q4-fhsk-5bd9
6
vulnerability VCID-a346-zp6f-d7f7
7
vulnerability VCID-ef6h-8mvv-tqgb
8
vulnerability VCID-h2m2-qvbh-47hy
9
vulnerability VCID-qxwf-qv1y-n7aq
10
vulnerability VCID-s4uw-vmgd-jkd5
11
vulnerability VCID-zdx2-huy6-sqce
12
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.0
aliases CVE-2025-62718, GHSA-3p68-rc4w-qgx5
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6a8h-2wvu-g7en
5
url VCID-6b7c-jgtj-63eu
vulnerability_id VCID-6b7c-jgtj-63eu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27152.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27152.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27152
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43845
published_at 2026-06-11T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.44008
published_at 2026-06-14T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.4402
published_at 2026-06-13T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.44
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27152
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27152
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/commit/02c3c69ced0f8fd86407c23203835892313d7fde
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/02c3c69ced0f8fd86407c23203835892313d7fde
6
reference_url https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f
7
reference_url https://github.com/axios/axios/pull/6829
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/6829
8
reference_url https://github.com/axios/axios/releases/tag/v1.8.2
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/releases/tag/v1.8.2
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-27152
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-27152
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102223
reference_id 1102223
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102223
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2350618
reference_id 2350618
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2350618
12
reference_url https://github.com/axios/axios/issues/6463
reference_id 6463
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T19:32:00Z/
url https://github.com/axios/axios/issues/6463
13
reference_url https://github.com/advisories/GHSA-jr5f-v2jv-69x6
reference_id GHSA-jr5f-v2jv-69x6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jr5f-v2jv-69x6
14
reference_url https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6
reference_id GHSA-jr5f-v2jv-69x6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T19:32:00Z/
url https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6
fixed_packages
0
url pkg:npm/axios@1.8.2
purl pkg:npm/axios@1.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-7mzn-tmtx-q7dh
6
vulnerability VCID-92q4-fhsk-5bd9
7
vulnerability VCID-a346-zp6f-d7f7
8
vulnerability VCID-ef6h-8mvv-tqgb
9
vulnerability VCID-f821-yte2-pkbj
10
vulnerability VCID-g4m2-6ftk-bbaa
11
vulnerability VCID-h2m2-qvbh-47hy
12
vulnerability VCID-jpp8-3u2p-8qfn
13
vulnerability VCID-qxwf-qv1y-n7aq
14
vulnerability VCID-s4uw-vmgd-jkd5
15
vulnerability VCID-zdx2-huy6-sqce
16
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.8.2
aliases CVE-2025-27152, GHSA-jr5f-v2jv-69x6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6b7c-jgtj-63eu
6
url VCID-7mzn-tmtx-q7dh
vulnerability_id VCID-7mzn-tmtx-q7dh
summary Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, he Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical, invisible modification of all JSON API responses — including privilege escalation, balance manipulation, and authorization bypass. The default transformResponse function at lib/defaults/index.js:124 calls JSON.parse(data, this.parseReviver), where this is the merged config object. Because parseReviver is not present in Axios defaults, not validated by assertOptions, and not subject to any constraints, a polluted Object.prototype.parseReviver function is called for every key-value pair in every JSON response, allowing the attacker to selectively modify individual values while leaving the rest of the response intact. This vulnerability is fixed in 1.15.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42044.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42044.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42044
reference_id
reference_type
scores
0
value 0.00188
scoring_system epss
scoring_elements 0.40731
published_at 2026-06-12T12:55:00Z
1
value 0.00188
scoring_system epss
scoring_elements 0.40741
published_at 2026-06-14T12:55:00Z
2
value 0.00188
scoring_system epss
scoring_elements 0.40563
published_at 2026-06-11T12:55:00Z
3
value 0.00188
scoring_system epss
scoring_elements 0.40755
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42044
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42044
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42044
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42044
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42044
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461624
reference_id 2461624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461624
7
reference_url https://github.com/advisories/GHSA-3w6x-2g7m-8v23
reference_id GHSA-3w6x-2g7m-8v23
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3w6x-2g7m-8v23
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23
reference_id GHSA-3w6x-2g7m-8v23
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:11:49Z/
url https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23
9
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
10
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
11
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
12
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
13
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
14
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
15
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
16
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
17
reference_url https://access.redhat.com/errata/RHSA-2026:20338
reference_id RHSA-2026:20338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20338
18
reference_url https://access.redhat.com/errata/RHSA-2026:20454
reference_id RHSA-2026:20454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20454
19
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
20
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
21
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
22
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
23
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
24
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
25
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
26
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
27
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
28
reference_url https://access.redhat.com/errata/RHSA-2026:24471
reference_id RHSA-2026:24471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24471
29
reference_url https://access.redhat.com/errata/RHSA-2026:24473
reference_id RHSA-2026:24473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24473
30
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
31
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
32
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
33
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
34
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
35
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
36
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@1.15.2
purl pkg:npm/axios@1.15.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8vwd-zh7x-d3dh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.2
aliases CVE-2026-42044, GHSA-3w6x-2g7m-8v23
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mzn-tmtx-q7dh
7
url VCID-92q4-fhsk-5bd9
vulnerability_id VCID-92q4-fhsk-5bd9
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter (lib/adapters/http.js) that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type checking of the data payload, where if Object.prototype is polluted with getHeaders, append, pipe, on, once, and Symbol.toStringTag, Axios misidentifies any plain object payload as a FormData instance and calls the attacker-controlled getHeaders() function, merging the returned headers into the outgoing request. The vulnerable code resides exclusively in lib/adapters/http.js. The prototype pollution source does not need to originate from Axios itself — any prototype pollution primitive in any dependency in the application's dependency tree is sufficient to trigger this gadget. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42035.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42035.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42035
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.15307
published_at 2026-06-12T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.15279
published_at 2026-06-14T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.15179
published_at 2026-06-11T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.15314
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42035
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42035
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42035
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42035
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461606
reference_id 2461606
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461606
7
reference_url https://github.com/advisories/GHSA-6chq-wfr3-2hj9
reference_id GHSA-6chq-wfr3-2hj9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6chq-wfr3-2hj9
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9
reference_id GHSA-6chq-wfr3-2hj9
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T18:07:43Z/
url https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9
9
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
10
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
11
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
12
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
13
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
14
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
15
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
16
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
17
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
18
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
19
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
20
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
21
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
22
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
23
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
24
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
25
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
26
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
27
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
28
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
29
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
30
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
31
reference_url https://access.redhat.com/errata/RHSA-2026:24471
reference_id RHSA-2026:24471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24471
32
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
33
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
34
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
35
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
36
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
37
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
38
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
39
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42035, GHSA-6chq-wfr3-2hj9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92q4-fhsk-5bd9
8
url VCID-a346-zp6f-d7f7
vulnerability_id VCID-a346-zp6f-d7f7
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library's XSRF token protection logic uses JavaScript truthy/falsy semantics instead of strict boolean comparison for the withXSRFToken config property. When this property is set to any truthy non-boolean value (via prototype pollution or misconfiguration), the same-origin check (isURLSameOrigin) is short-circuited, causing XSRF tokens to be sent to all request targets including cross-origin servers controlled by an attacker. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42042.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42042.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42042
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20555
published_at 2026-06-12T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20554
published_at 2026-06-14T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20378
published_at 2026-06-11T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20576
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42042
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42042
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42042
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42042
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42042
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461637
reference_id 2461637
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461637
7
reference_url https://github.com/advisories/GHSA-xx6v-rp6x-q39c
reference_id GHSA-xx6v-rp6x-q39c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xx6v-rp6x-q39c
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-xx6v-rp6x-q39c
reference_id GHSA-xx6v-rp6x-q39c
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T17:35:32Z/
url https://github.com/axios/axios/security/advisories/GHSA-xx6v-rp6x-q39c
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42042, GHSA-xx6v-rp6x-q39c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a346-zp6f-d7f7
9
url VCID-ef6h-8mvv-tqgb
vulnerability_id VCID-ef6h-8mvv-tqgb
summary Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.1, the FormDataPart constructor in lib/helpers/formDataToStream.js interpolates value.type directly into the Content-Type header of each multipart part without sanitizing CRLF (\r\n) sequences. An attacker who controls the .type property of a Blob/File-like object (e.g., via a user-uploaded file in a Node.js proxy service) can inject arbitrary MIME part headers into the multipart form-data body. This bypasses Node.js v18+ built-in header protections because the injection targets the multipart body structure, not HTTP request headers. This vulnerability is fixed in 1.15.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42037.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42037.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42037
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26837
published_at 2026-06-12T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26835
published_at 2026-06-14T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26635
published_at 2026-06-11T12:55:00Z
3
value 0.00096
scoring_system epss
scoring_elements 0.2685
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42037
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42037
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42037
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42037
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42037
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461636
reference_id 2461636
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461636
7
reference_url https://github.com/advisories/GHSA-445q-vr5w-6q77
reference_id GHSA-445q-vr5w-6q77
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-445q-vr5w-6q77
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-445q-vr5w-6q77
reference_id GHSA-445q-vr5w-6q77
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T17:36:52Z/
url https://github.com/axios/axios/security/advisories/GHSA-445q-vr5w-6q77
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42037, GHSA-445q-vr5w-6q77
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ef6h-8mvv-tqgb
10
url VCID-f821-yte2-pkbj
vulnerability_id VCID-f821-yte2-pkbj
summary Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This vulnerability is fixed in 1.15.0 and 0.3.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40175.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40175.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40175
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.20034
published_at 2026-06-14T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.20059
published_at 2026-06-13T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.2004
published_at 2026-06-12T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19867
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40175
2
reference_url https://cert-portal.siemens.com/productcert/html/ssa-876049.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-876049.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40175
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40175
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/pull/10660#issuecomment-4224168081
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/10660#issuecomment-4224168081
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-40175
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-40175
7
reference_url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
reference_id 03cdfc99e8db32a390e12128208b6778492cee9c
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
8
reference_url https://github.com/axios/axios/pull/10660
reference_id 10660
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/pull/10660
9
reference_url https://github.com/axios/axios/pull/10688
reference_id 10688
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/pull/10688
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457432
reference_id 2457432
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457432
11
reference_url https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1
reference_id 363185461b90b1b78845dc8a99a1f103d9b122a1
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1
12
reference_url https://github.com/advisories/GHSA-fvcv-3m26-pcqx
reference_id GHSA-fvcv-3m26-pcqx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fvcv-3m26-pcqx
13
reference_url https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx
reference_id GHSA-fvcv-3m26-pcqx
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx
14
reference_url https://access.redhat.com/errata/RHSA-2026:10104
reference_id RHSA-2026:10104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10104
15
reference_url https://access.redhat.com/errata/RHSA-2026:10153
reference_id RHSA-2026:10153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10153
16
reference_url https://access.redhat.com/errata/RHSA-2026:10172
reference_id RHSA-2026:10172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10172
17
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
18
reference_url https://access.redhat.com/errata/RHSA-2026:11414
reference_id RHSA-2026:11414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11414
19
reference_url https://access.redhat.com/errata/RHSA-2026:13542
reference_id RHSA-2026:13542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13542
20
reference_url https://access.redhat.com/errata/RHSA-2026:13548
reference_id RHSA-2026:13548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13548
21
reference_url https://access.redhat.com/errata/RHSA-2026:13571
reference_id RHSA-2026:13571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13571
22
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
23
reference_url https://access.redhat.com/errata/RHSA-2026:14774
reference_id RHSA-2026:14774
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14774
24
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
25
reference_url https://access.redhat.com/errata/RHSA-2026:15091
reference_id RHSA-2026:15091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:15091
26
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
27
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
28
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
29
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
30
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
31
reference_url https://access.redhat.com/errata/RHSA-2026:19712
reference_id RHSA-2026:19712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19712
32
reference_url https://access.redhat.com/errata/RHSA-2026:20041
reference_id RHSA-2026:20041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20041
33
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
34
reference_url https://access.redhat.com/errata/RHSA-2026:24762
reference_id RHSA-2026:24762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24762
35
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
36
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
37
reference_url https://access.redhat.com/errata/RHSA-2026:8484
reference_id RHSA-2026:8484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8484
38
reference_url https://access.redhat.com/errata/RHSA-2026:8490
reference_id RHSA-2026:8490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8490
39
reference_url https://access.redhat.com/errata/RHSA-2026:8491
reference_id RHSA-2026:8491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8491
40
reference_url https://access.redhat.com/errata/RHSA-2026:8493
reference_id RHSA-2026:8493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8493
41
reference_url https://access.redhat.com/errata/RHSA-2026:8499
reference_id RHSA-2026:8499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8499
42
reference_url https://access.redhat.com/errata/RHSA-2026:8500
reference_id RHSA-2026:8500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8500
43
reference_url https://access.redhat.com/errata/RHSA-2026:8501
reference_id RHSA-2026:8501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8501
44
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
45
reference_url https://github.com/axios/axios/releases/tag/v0.31.0
reference_id v0.31.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/releases/tag/v0.31.0
46
reference_url https://github.com/axios/axios/releases/tag/v1.15.0
reference_id v1.15.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-12T20:43:26Z/
url https://github.com/axios/axios/releases/tag/v1.15.0
fixed_packages
0
url pkg:npm/axios@1.15.0
purl pkg:npm/axios@1.15.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-7mzn-tmtx-q7dh
5
vulnerability VCID-92q4-fhsk-5bd9
6
vulnerability VCID-a346-zp6f-d7f7
7
vulnerability VCID-ef6h-8mvv-tqgb
8
vulnerability VCID-h2m2-qvbh-47hy
9
vulnerability VCID-qxwf-qv1y-n7aq
10
vulnerability VCID-s4uw-vmgd-jkd5
11
vulnerability VCID-zdx2-huy6-sqce
12
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.0
aliases CVE-2026-40175, GHSA-fvcv-3m26-pcqx
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f821-yte2-pkbj
11
url VCID-g4m2-6ftk-bbaa
vulnerability_id VCID-g4m2-6ftk-bbaa
summary Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response. This path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested `responseType: 'stream'`. Versions 0.30.2 and 1.12.0 contain a patch for the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58754.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58754.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-58754
reference_id
reference_type
scores
0
value 0.0034
scoring_system epss
scoring_elements 0.57207
published_at 2026-06-14T12:55:00Z
1
value 0.0034
scoring_system epss
scoring_elements 0.57082
published_at 2026-06-11T12:55:00Z
2
value 0.0034
scoring_system epss
scoring_elements 0.572
published_at 2026-06-12T12:55:00Z
3
value 0.0034
scoring_system epss
scoring_elements 0.57214
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-58754
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58754
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58754
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-58754
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-58754
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114963
reference_id 1114963
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114963
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394735
reference_id 2394735
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394735
7
reference_url https://github.com/axios/axios/pull/7011
reference_id 7011
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/pull/7011
8
reference_url https://github.com/axios/axios/pull/7034
reference_id 7034
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/pull/7034
9
reference_url https://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593
reference_id 945435fc51467303768202250debb8d4ae892593
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593
10
reference_url https://github.com/axios/axios/commit/a1b1d3f073a988601583a604f5f9f5d05a3d0b67
reference_id a1b1d3f073a988601583a604f5f9f5d05a3d0b67
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/commit/a1b1d3f073a988601583a604f5f9f5d05a3d0b67
11
reference_url https://github.com/axios/axios/commit/c30252f685e8f4326722de84923fcbc8cf557f06
reference_id c30252f685e8f4326722de84923fcbc8cf557f06
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/commit/c30252f685e8f4326722de84923fcbc8cf557f06
12
reference_url https://github.com/advisories/GHSA-4hjh-wcwx-xvwj
reference_id GHSA-4hjh-wcwx-xvwj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4hjh-wcwx-xvwj
13
reference_url https://github.com/axios/axios/security/advisories/GHSA-4hjh-wcwx-xvwj
reference_id GHSA-4hjh-wcwx-xvwj
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/security/advisories/GHSA-4hjh-wcwx-xvwj
14
reference_url https://access.redhat.com/errata/RHSA-2025:16747
reference_id RHSA-2025:16747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16747
15
reference_url https://access.redhat.com/errata/RHSA-2025:18252
reference_id RHSA-2025:18252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18252
16
reference_url https://access.redhat.com/errata/RHSA-2025:19221
reference_id RHSA-2025:19221
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19221
17
reference_url https://access.redhat.com/errata/RHSA-2025:19335
reference_id RHSA-2025:19335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19335
18
reference_url https://access.redhat.com/errata/RHSA-2025:19375
reference_id RHSA-2025:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19375
19
reference_url https://access.redhat.com/errata/RHSA-2025:19529
reference_id RHSA-2025:19529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19529
20
reference_url https://access.redhat.com/errata/RHSA-2025:19804
reference_id RHSA-2025:19804
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19804
21
reference_url https://access.redhat.com/errata/RHSA-2025:19961
reference_id RHSA-2025:19961
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19961
22
reference_url https://access.redhat.com/errata/RHSA-2025:22684
reference_id RHSA-2025:22684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22684
23
reference_url https://access.redhat.com/errata/RHSA-2025:22759
reference_id RHSA-2025:22759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22759
24
reference_url https://access.redhat.com/errata/RHSA-2025:23069
reference_id RHSA-2025:23069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23069
25
reference_url https://access.redhat.com/errata/RHSA-2025:23131
reference_id RHSA-2025:23131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23131
26
reference_url https://access.redhat.com/errata/RHSA-2025:23546
reference_id RHSA-2025:23546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23546
27
reference_url https://access.redhat.com/errata/RHSA-2026:0627
reference_id RHSA-2026:0627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0627
28
reference_url https://access.redhat.com/errata/RHSA-2026:0718
reference_id RHSA-2026:0718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0718
29
reference_url https://access.redhat.com/errata/RHSA-2026:1018
reference_id RHSA-2026:1018
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1018
30
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
31
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
32
reference_url https://access.redhat.com/errata/RHSA-2026:6226
reference_id RHSA-2026:6226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6226
33
reference_url https://github.com/axios/axios/releases/tag/v0.30.2
reference_id v0.30.2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/releases/tag/v0.30.2
34
reference_url https://github.com/axios/axios/releases/tag/v1.12.0
reference_id v1.12.0
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-12T13:08:38Z/
url https://github.com/axios/axios/releases/tag/v1.12.0
fixed_packages
0
url pkg:npm/axios@1.12.0
purl pkg:npm/axios@1.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-7mzn-tmtx-q7dh
6
vulnerability VCID-92q4-fhsk-5bd9
7
vulnerability VCID-a346-zp6f-d7f7
8
vulnerability VCID-ef6h-8mvv-tqgb
9
vulnerability VCID-f821-yte2-pkbj
10
vulnerability VCID-h2m2-qvbh-47hy
11
vulnerability VCID-jpp8-3u2p-8qfn
12
vulnerability VCID-qxwf-qv1y-n7aq
13
vulnerability VCID-s4uw-vmgd-jkd5
14
vulnerability VCID-zdx2-huy6-sqce
15
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.12.0
aliases CVE-2025-58754, GHSA-4hjh-wcwx-xvwj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g4m2-6ftk-bbaa
12
url VCID-h2m2-qvbh-47hy
vulnerability_id VCID-h2m2-qvbh-47hy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42041.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42041
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20525
published_at 2026-06-12T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20522
published_at 2026-06-14T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20545
published_at 2026-06-13T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20348
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42041
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42041
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42041
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42041
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461629
reference_id 2461629
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461629
8
reference_url https://github.com/advisories/GHSA-w9j2-pvgh-6h63
reference_id GHSA-w9j2-pvgh-6h63
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w9j2-pvgh-6h63
9
reference_url https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63
reference_id GHSA-w9j2-pvgh-6h63
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:29:47Z/
url https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63
10
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
11
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
12
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
13
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
14
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
15
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
16
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
17
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
18
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
19
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
20
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
21
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
22
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
23
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
24
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
25
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
26
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
27
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
28
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
29
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
30
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
31
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
32
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
33
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
34
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
35
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
36
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
37
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
38
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
39
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
40
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42041, GHSA-w9j2-pvgh-6h63
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h2m2-qvbh-47hy
13
url VCID-jpp8-3u2p-8qfn
vulnerability_id VCID-jpp8-3u2p-8qfn
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25639.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25639.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25639
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.32051
published_at 2026-06-14T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.3187
published_at 2026-06-11T12:55:00Z
2
value 0.00129
scoring_system epss
scoring_elements 0.32056
published_at 2026-06-12T12:55:00Z
3
value 0.00129
scoring_system epss
scoring_elements 0.32072
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25639
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25639
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25639
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127907
reference_id 1127907
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127907
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2438237
reference_id 2438237
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2438237
6
reference_url https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57
reference_id 28c721588c7a77e7503d0a434e016f852c597b57
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57
7
reference_url https://github.com/axios/axios/pull/7369
reference_id 7369
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/pull/7369
8
reference_url https://github.com/axios/axios/pull/7388
reference_id 7388
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/pull/7388
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25639
reference_id CVE-2026-25639
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25639
10
reference_url https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e
reference_id d7ff1409c68168d3057fc3891f911b2b92616f9e
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e
11
reference_url https://github.com/advisories/GHSA-43fc-jf86-j433
reference_id GHSA-43fc-jf86-j433
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43fc-jf86-j433
12
reference_url https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433
reference_id GHSA-43fc-jf86-j433
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433
13
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
14
reference_url https://access.redhat.com/errata/RHSA-2026:11414
reference_id RHSA-2026:11414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11414
15
reference_url https://access.redhat.com/errata/RHSA-2026:13542
reference_id RHSA-2026:13542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13542
16
reference_url https://access.redhat.com/errata/RHSA-2026:13548
reference_id RHSA-2026:13548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13548
17
reference_url https://access.redhat.com/errata/RHSA-2026:19712
reference_id RHSA-2026:19712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19712
18
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
19
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
20
reference_url https://access.redhat.com/errata/RHSA-2026:3087
reference_id RHSA-2026:3087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3087
21
reference_url https://access.redhat.com/errata/RHSA-2026:3105
reference_id RHSA-2026:3105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3105
22
reference_url https://access.redhat.com/errata/RHSA-2026:3106
reference_id RHSA-2026:3106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3106
23
reference_url https://access.redhat.com/errata/RHSA-2026:3107
reference_id RHSA-2026:3107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3107
24
reference_url https://access.redhat.com/errata/RHSA-2026:3109
reference_id RHSA-2026:3109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3109
25
reference_url https://access.redhat.com/errata/RHSA-2026:4942
reference_id RHSA-2026:4942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4942
26
reference_url https://access.redhat.com/errata/RHSA-2026:5142
reference_id RHSA-2026:5142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5142
27
reference_url https://access.redhat.com/errata/RHSA-2026:5168
reference_id RHSA-2026:5168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5168
28
reference_url https://access.redhat.com/errata/RHSA-2026:5174
reference_id RHSA-2026:5174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5174
29
reference_url https://access.redhat.com/errata/RHSA-2026:5633
reference_id RHSA-2026:5633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5633
30
reference_url https://access.redhat.com/errata/RHSA-2026:5636
reference_id RHSA-2026:5636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5636
31
reference_url https://access.redhat.com/errata/RHSA-2026:5665
reference_id RHSA-2026:5665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5665
32
reference_url https://access.redhat.com/errata/RHSA-2026:5807
reference_id RHSA-2026:5807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5807
33
reference_url https://access.redhat.com/errata/RHSA-2026:6170
reference_id RHSA-2026:6170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6170
34
reference_url https://access.redhat.com/errata/RHSA-2026:6174
reference_id RHSA-2026:6174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6174
35
reference_url https://access.redhat.com/errata/RHSA-2026:6192
reference_id RHSA-2026:6192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6192
36
reference_url https://access.redhat.com/errata/RHSA-2026:6277
reference_id RHSA-2026:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6277
37
reference_url https://access.redhat.com/errata/RHSA-2026:6308
reference_id RHSA-2026:6308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6308
38
reference_url https://access.redhat.com/errata/RHSA-2026:6309
reference_id RHSA-2026:6309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6309
39
reference_url https://access.redhat.com/errata/RHSA-2026:6404
reference_id RHSA-2026:6404
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6404
40
reference_url https://access.redhat.com/errata/RHSA-2026:6428
reference_id RHSA-2026:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6428
41
reference_url https://access.redhat.com/errata/RHSA-2026:6497
reference_id RHSA-2026:6497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6497
42
reference_url https://access.redhat.com/errata/RHSA-2026:6567
reference_id RHSA-2026:6567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6567
43
reference_url https://access.redhat.com/errata/RHSA-2026:6568
reference_id RHSA-2026:6568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6568
44
reference_url https://access.redhat.com/errata/RHSA-2026:6802
reference_id RHSA-2026:6802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6802
45
reference_url https://access.redhat.com/errata/RHSA-2026:7249
reference_id RHSA-2026:7249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7249
46
reference_url https://access.redhat.com/errata/RHSA-2026:8218
reference_id RHSA-2026:8218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8218
47
reference_url https://access.redhat.com/errata/RHSA-2026:8229
reference_id RHSA-2026:8229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8229
48
reference_url https://access.redhat.com/errata/RHSA-2026:8499
reference_id RHSA-2026:8499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8499
49
reference_url https://access.redhat.com/errata/RHSA-2026:8500
reference_id RHSA-2026:8500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8500
50
reference_url https://access.redhat.com/errata/RHSA-2026:8501
reference_id RHSA-2026:8501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8501
51
reference_url https://access.redhat.com/errata/RHSA-2026:9848
reference_id RHSA-2026:9848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9848
52
reference_url https://github.com/axios/axios/releases/tag/v0.30.3
reference_id v0.30.3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/releases/tag/v0.30.3
53
reference_url https://github.com/axios/axios/releases/tag/v1.13.5
reference_id v1.13.5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-10T15:39:46Z/
url https://github.com/axios/axios/releases/tag/v1.13.5
fixed_packages
0
url pkg:npm/axios@1.13.5
purl pkg:npm/axios@1.13.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-7mzn-tmtx-q7dh
6
vulnerability VCID-92q4-fhsk-5bd9
7
vulnerability VCID-a346-zp6f-d7f7
8
vulnerability VCID-ef6h-8mvv-tqgb
9
vulnerability VCID-f821-yte2-pkbj
10
vulnerability VCID-h2m2-qvbh-47hy
11
vulnerability VCID-qxwf-qv1y-n7aq
12
vulnerability VCID-s4uw-vmgd-jkd5
13
vulnerability VCID-zdx2-huy6-sqce
14
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.13.5
aliases CVE-2026-25639, GHSA-43fc-jf86-j433
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jpp8-3u2p-8qfn
14
url VCID-qxwf-qv1y-n7aq
vulnerability_id VCID-qxwf-qv1y-n7aq
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, for stream request bodies, maxBodyLength is bypassed when maxRedirects is set to 0 (native http/https transport path). Oversized streamed uploads are sent fully even when the caller sets strict body limits. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42034.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42034.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42034
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26744
published_at 2026-06-13T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26729
published_at 2026-06-14T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26529
published_at 2026-06-11T12:55:00Z
3
value 0.00096
scoring_system epss
scoring_elements 0.2673
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42034
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42034
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42034
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42034
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42034
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461623
reference_id 2461623
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461623
7
reference_url https://github.com/advisories/GHSA-5c9x-8gcm-mpgx
reference_id GHSA-5c9x-8gcm-mpgx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5c9x-8gcm-mpgx
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-5c9x-8gcm-mpgx
reference_id GHSA-5c9x-8gcm-mpgx
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:12:43Z/
url https://github.com/axios/axios/security/advisories/GHSA-5c9x-8gcm-mpgx
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42034, GHSA-5c9x-8gcm-mpgx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxwf-qv1y-n7aq
15
url VCID-s4uw-vmgd-jkd5
vulnerability_id VCID-s4uw-vmgd-jkd5
summary Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can (a) silently intercept and modify every JSON response before the application sees it, or (b) fully hijack the underlying HTTP transport, gaining access to request credentials, headers, and body. The precondition is prototype pollution from a separate source in the same process. This vulnerability is fixed in 1.15.1 and 0.31.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42033.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42033.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42033
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18872
published_at 2026-06-13T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18848
published_at 2026-06-14T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.1869
published_at 2026-06-11T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18853
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42033
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42033
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42033
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42033
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461607
reference_id 2461607
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461607
7
reference_url https://github.com/advisories/GHSA-pf86-5x62-jrwf
reference_id GHSA-pf86-5x62-jrwf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pf86-5x62-jrwf
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf
reference_id GHSA-pf86-5x62-jrwf
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T18:28:14Z/
url https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf
9
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
10
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
11
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
12
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
13
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
14
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
15
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
16
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
17
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
18
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
19
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
20
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
21
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
22
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
23
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
24
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
25
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
26
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
27
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
28
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
29
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
30
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
31
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
32
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
33
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
34
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
35
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
36
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
37
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
38
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
39
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42033, GHSA-pf86-5x62-jrwf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s4uw-vmgd-jkd5
16
url VCID-ydef-vukd-8qhf
vulnerability_id VCID-ydef-vukd-8qhf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39338.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39338.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39338
reference_id
reference_type
scores
0
value 0.02141
scoring_system epss
scoring_elements 0.84585
published_at 2026-06-11T12:55:00Z
1
value 0.02141
scoring_system epss
scoring_elements 0.84641
published_at 2026-06-14T12:55:00Z
2
value 0.02141
scoring_system epss
scoring_elements 0.84648
published_at 2026-06-13T12:55:00Z
3
value 0.02141
scoring_system epss
scoring_elements 0.84638
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39338
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://github.com/axios/axios/commit/6b6b605eaf73852fb2dae033f1e786155959de3a
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/6b6b605eaf73852fb2dae033f1e786155959de3a
5
reference_url https://github.com/axios/axios/pull/6539
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/6539
6
reference_url https://github.com/axios/axios/pull/6543
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/6543
7
reference_url https://github.com/axios/axios/releases/tag/v1.7.4
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/releases/tag/v1.7.4
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078878
reference_id 1078878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078878
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2304369
reference_id 2304369
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2304369
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39338
reference_id CVE-2024-39338
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39338
11
reference_url https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html
reference_id CVE-2024-39338.html
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T19:24:57Z/
url https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html
12
reference_url https://github.com/advisories/GHSA-8hc4-vh64-cxmj
reference_id GHSA-8hc4-vh64-cxmj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8hc4-vh64-cxmj
13
reference_url https://github.com/axios/axios/releases
reference_id releases
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T19:24:57Z/
url https://github.com/axios/axios/releases
14
reference_url https://access.redhat.com/errata/RHSA-2024:6209
reference_id RHSA-2024:6209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6209
15
reference_url https://access.redhat.com/errata/RHSA-2024:6210
reference_id RHSA-2024:6210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6210
16
reference_url https://access.redhat.com/errata/RHSA-2024:6211
reference_id RHSA-2024:6211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6211
17
reference_url https://access.redhat.com/errata/RHSA-2024:6667
reference_id RHSA-2024:6667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6667
18
reference_url https://access.redhat.com/errata/RHSA-2024:7164
reference_id RHSA-2024:7164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7164
19
reference_url https://access.redhat.com/errata/RHSA-2024:8014
reference_id RHSA-2024:8014
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8014
20
reference_url https://access.redhat.com/errata/RHSA-2024:8023
reference_id RHSA-2024:8023
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8023
21
reference_url https://access.redhat.com/errata/RHSA-2024:8981
reference_id RHSA-2024:8981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8981
22
reference_url https://access.redhat.com/errata/RHSA-2025:1249
reference_id RHSA-2025:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1249
fixed_packages
0
url pkg:npm/axios@1.7.4
purl pkg:npm/axios@1.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rmd-rsjh-27hf
1
vulnerability VCID-47b2-yz73-8ffw
2
vulnerability VCID-4n9q-ca4t-nkh5
3
vulnerability VCID-5mmh-tc9h-gkcu
4
vulnerability VCID-6a8h-2wvu-g7en
5
vulnerability VCID-6b7c-jgtj-63eu
6
vulnerability VCID-7mzn-tmtx-q7dh
7
vulnerability VCID-92q4-fhsk-5bd9
8
vulnerability VCID-a346-zp6f-d7f7
9
vulnerability VCID-ef6h-8mvv-tqgb
10
vulnerability VCID-f821-yte2-pkbj
11
vulnerability VCID-g4m2-6ftk-bbaa
12
vulnerability VCID-h2m2-qvbh-47hy
13
vulnerability VCID-jpp8-3u2p-8qfn
14
vulnerability VCID-qxwf-qv1y-n7aq
15
vulnerability VCID-s4uw-vmgd-jkd5
16
vulnerability VCID-zdx2-huy6-sqce
17
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.7.4
aliases CVE-2024-39338, GHSA-8hc4-vh64-cxmj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ydef-vukd-8qhf
17
url VCID-zdx2-huy6-sqce
vulnerability_id VCID-zdx2-huy6-sqce
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42039.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42039.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42039
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.0949
published_at 2026-06-12T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09472
published_at 2026-06-14T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09483
published_at 2026-06-13T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09435
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42039
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42039
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/commit/85132ffba1a77609ea5d101c8a413dea7174932f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/commit/85132ffba1a77609ea5d101c8a413dea7174932f
6
reference_url https://github.com/axios/axios/releases/tag/v1.15.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/releases/tag/v1.15.1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42039
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42039
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
reference_id 1134878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134878
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461630
reference_id 2461630
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461630
10
reference_url https://github.com/advisories/GHSA-62hf-57xw-28j9
reference_id GHSA-62hf-57xw-28j9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-62hf-57xw-28j9
11
reference_url https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9
reference_id GHSA-62hf-57xw-28j9
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:14:11Z/
url https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9
12
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
13
reference_url https://access.redhat.com/errata/RHSA-2026:16476
reference_id RHSA-2026:16476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16476
14
reference_url https://access.redhat.com/errata/RHSA-2026:16532
reference_id RHSA-2026:16532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16532
15
reference_url https://access.redhat.com/errata/RHSA-2026:16534
reference_id RHSA-2026:16534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16534
16
reference_url https://access.redhat.com/errata/RHSA-2026:16535
reference_id RHSA-2026:16535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16535
17
reference_url https://access.redhat.com/errata/RHSA-2026:16542
reference_id RHSA-2026:16542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16542
18
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
19
reference_url https://access.redhat.com/errata/RHSA-2026:17468
reference_id RHSA-2026:17468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17468
20
reference_url https://access.redhat.com/errata/RHSA-2026:17474
reference_id RHSA-2026:17474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17474
21
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
22
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
23
reference_url https://access.redhat.com/errata/RHSA-2026:19109
reference_id RHSA-2026:19109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19109
24
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
25
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
26
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
27
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
28
reference_url https://access.redhat.com/errata/RHSA-2026:21338
reference_id RHSA-2026:21338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21338
29
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
30
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
31
reference_url https://access.redhat.com/errata/RHSA-2026:22619
reference_id RHSA-2026:22619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22619
32
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
33
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
34
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
35
reference_url https://access.redhat.com/errata/RHSA-2026:24473
reference_id RHSA-2026:24473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24473
36
reference_url https://access.redhat.com/errata/RHSA-2026:24536
reference_id RHSA-2026:24536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24536
37
reference_url https://access.redhat.com/errata/RHSA-2026:24539
reference_id RHSA-2026:24539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24539
38
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
39
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
40
reference_url https://access.redhat.com/errata/RHSA-2026:25041
reference_id RHSA-2026:25041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25041
41
reference_url https://access.redhat.com/errata/RHSA-2026:25089
reference_id RHSA-2026:25089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25089
42
reference_url https://access.redhat.com/errata/RHSA-2026:25271
reference_id RHSA-2026:25271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25271
43
reference_url https://access.redhat.com/errata/RHSA-2026:25273
reference_id RHSA-2026:25273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:25273
fixed_packages
0
url pkg:npm/axios@1.15.1
purl pkg:npm/axios@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mzn-tmtx-q7dh
1
vulnerability VCID-zgv9-294d-kqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.1
aliases CVE-2026-42039, GHSA-62hf-57xw-28j9
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdx2-huy6-sqce
18
url VCID-zgv9-294d-kqfx
vulnerability_id VCID-zgv9-294d-kqfx
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42264
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.09283
published_at 2026-06-11T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.09325
published_at 2026-06-14T12:55:00Z
2
value 0.0003
scoring_system epss
scoring_elements 0.09335
published_at 2026-06-13T12:55:00Z
3
value 0.0003
scoring_system epss
scoring_elements 0.09334
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42264
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42264
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42264
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42264
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42264
5
reference_url https://github.com/axios/axios/pull/10779
reference_id 10779
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-08T14:10:24Z/
url https://github.com/axios/axios/pull/10779
6
reference_url https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa
reference_id 47915144662f2733e6c051bdcb895a8c8f0586aa
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-08T14:10:24Z/
url https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa
7
reference_url https://github.com/advisories/GHSA-q8qp-cvcw-x6jj
reference_id GHSA-q8qp-cvcw-x6jj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q8qp-cvcw-x6jj
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj
reference_id GHSA-q8qp-cvcw-x6jj
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-08T14:10:24Z/
url https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj
9
reference_url https://github.com/axios/axios/releases/tag/v1.15.2
reference_id v1.15.2
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-05-08T14:10:24Z/
url https://github.com/axios/axios/releases/tag/v1.15.2
fixed_packages
0
url pkg:npm/axios@1.15.2
purl pkg:npm/axios@1.15.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8vwd-zh7x-d3dh
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.15.2
aliases CVE-2026-42264, GHSA-q8qp-cvcw-x6jj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgv9-294d-kqfx
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/axios@1.7.0-beta.2