Search for packages
Package details: pkg:deb/debian/node-axios@0.21.1%2Bdfsg-1%2Bdeb11u1
purl pkg:deb/debian/node-axios@0.21.1%2Bdfsg-1%2Bdeb11u1
Next non-vulnerable version 1.8.4+dfsg-1
Latest non-vulnerable version 1.8.4+dfsg-1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-9kzj-nmnp-nbe3
Aliases:
CVE-2025-27152
GHSA-jr5f-v2jv-69x6
axios: Possible SSRF and Credential Leakage via Absolute URL in axios Requests
1.8.4+dfsg-1
Affected by 0 other vulnerabilities.
VCID-ffxn-ay5z-3kdc
Aliases:
CVE-2024-57965
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability.
1.2.1+dfsg-1+deb12u1
Affected by 1 other vulnerability.
VCID-hfp7-rkga-aaak
Aliases:
CVE-2023-45857
GHSA-wf5p-g6vw-rhxx
An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
1.2.1+dfsg-1+deb12u1
Affected by 1 other vulnerability.
1.6.8+dfsg-2
Affected by 0 other vulnerabilities.
1.7.7+dfsg-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-dadn-n4tm-aaae Incorrect Comparison axios is vulnerable to Inefficient Regular Expression Complexity CVE-2021-3749
GHSA-cph5-m8f7-6c5x
VCID-tgmj-3rf5-aaan Axios NPM package contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. CVE-2020-28168
GHSA-4w2v-q235-vp99

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-22T16:10:43.827394+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-22T04:14:19.734476+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak None 36.1.3
2025-06-22T00:13:06.042370+00:00 Debian Importer Affected by VCID-ffxn-ay5z-3kdc https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T09:28:49.342629+00:00 Debian Importer Affected by VCID-9kzj-nmnp-nbe3 https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T02:56:00.929183+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T02:40:10.129733+00:00 Debian Oval Importer Fixing VCID-dadn-n4tm-aaae None 36.1.3
2025-06-21T02:30:18.893498+00:00 Debian Oval Importer Fixing VCID-tgmj-3rf5-aaan None 36.1.3
2025-06-20T21:09:39.278863+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan None 36.1.3
2025-06-07T20:05:08.395023+00:00 Debian Oval Importer Fixing VCID-dadn-n4tm-aaae None 36.1.0
2025-06-07T19:54:20.331192+00:00 Debian Oval Importer Fixing VCID-tgmj-3rf5-aaan None 36.1.0
2025-04-22T13:55:49.016502+00:00 Debian Importer Affected by VCID-9kzj-nmnp-nbe3 https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-12T20:09:58.928871+00:00 Debian Oval Importer Fixing VCID-tgmj-3rf5-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:04:05.429932+00:00 Debian Oval Importer Fixing VCID-dadn-n4tm-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-07T18:42:24.869759+00:00 Debian Oval Importer Fixing VCID-dadn-n4tm-aaae None 36.0.0
2025-04-07T18:32:11.721878+00:00 Debian Oval Importer Fixing VCID-tgmj-3rf5-aaan None 36.0.0
2025-04-06T09:23:48.244110+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T22:19:29.633875+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak None 36.0.0
2025-04-05T19:26:23.468592+00:00 Debian Importer Affected by VCID-ffxn-ay5z-3kdc https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-04T05:42:59.155981+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-03T23:48:52.195270+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan None 36.0.0
2025-02-21T14:20:07.254555+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak None 35.1.0
2025-02-21T14:20:05.208331+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-19T16:01:10.977211+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-19T16:01:08.891313+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan None 35.1.0
2024-11-24T03:26:37.950619+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-10-11T00:51:04.116233+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-09-20T05:21:41.323181+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-04-26T05:48:44.946113+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak None 34.0.0rc4
2024-04-26T05:48:43.384816+00:00 Debian Importer Affected by VCID-hfp7-rkga-aaak https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-24T19:31:14.906053+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-24T19:31:12.583015+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan None 34.0.0rc4
2024-01-10T20:57:47.224693+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-10T20:57:44.775962+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan None 34.0.0rc2
2024-01-04T10:15:56.435092+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T10:15:54.083812+00:00 Debian Importer Fixing VCID-tgmj-3rf5-aaan None 34.0.0rc1