axios 0.21.0
2 security vulnerabilities
found in version
0.21.0
axios Inefficient Regular Expression Complexity vulnerability
high severity CVE-2021-3749
high severity
CVE-2021-3749
Affected versions:
< 0.21.2
axios before v0.21.2 is vulnerable to Inefficient Regular Expression Complexity.
Axios vulnerable to Server-Side Request Forgery
medium severity CVE-2020-28168
medium severity
CVE-2020-28168
Affected versions:
< 0.21.1
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.
Author did not declare license for this package in the source code.
This package version has a MIT license in the source code, however it was not declared in the source code.
This package version is available.
This package version has not been yanked and is still available for usage.