Skip to content

Moderate Severity: Axios CSRF Vulnerability in Versions 0.8.1 to 1.5.1 #111

New issue
New issue
Closed
#115
Closed
Moderate Severity: Axios CSRF Vulnerability in Versions 0.8.1 to 1.5.1#111
#115
Labels
dependenciesPull requests that update a dependency file
@fundWJ

Description

@fundWJ
fundWJ
opened on Jan 25, 2024

Hi,

We recently found this issue when updating the packages,
in npm audit we got this Moderate Severity issue:

current cloudconvert version: 2.3.5

axios  0.8.1 - 1.5.1
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
fix available via `npm audit fix --force`
node_modules/cloudconvert/node_modules/axios
  cloudconvert  >=2.0.0
  Depends on vulnerable versions of axios
  node_modules/cloudconvert

Would be great if this can be updated.
Thank you.

Metadata

Metadata

Assignees

No one assigned

    Labels

    dependenciesPull requests that update a dependency file

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions