axios
Security Risk Profile
Security Risk Score
Comprehensive risk assessment based on 25 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from May 7, 2019 to present
Threat Assessment
Severity Distribution
Exploit Likelihood
Age Distribution
Common Weaknesses (CWE)
Most Affected Products
Recent Vulnerabilities
See more →Axios: Prototype pollution read-side gadgets in HTTP adapter allow credential injection and request hijacking
Axios: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in `withXSRFToken` Boolean Coercion
Axios: unbounded recursion in toFormData causes DoS via deeply nested request data
Axios: HTTP adapter streamed responses bypass maxContentLength
Axios: HTTP adapter streamed uploads bypass maxBodyLength when maxRedirects: 0
Axios: CRLF Injection in multipart/form-data body via unsanitized blob.type in formDataToStream
Axios: no_proxy bypass via IP alias allows SSRF
Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy
Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0
Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`
Monitor axios in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.