Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security issue: Uses a vulnerable version of Axios #615

Open
kwolniak opened this issue Apr 9, 2024 · 2 comments
Open

Security issue: Uses a vulnerable version of Axios #615

kwolniak opened this issue Apr 9, 2024 · 2 comments

Comments

@kwolniak
Copy link

kwolniak commented Apr 9, 2024

Axios Cross-Site Request Forgery Vulnerability - GHSA-wf5p-g6vw-rhxx
Fixed in https://github.com/axios/axios/releases/tag/v0.28.0

Any chance to update?

@DamianGlowala
Copy link

For anyone concerned: use resolutions field in your package.json which will override the version this package is using:

"resolutions": {
    "axios": "0.28.0"
}

@r-marmitt
Copy link

As of npm cli v8.3.0 (2021-12-09) this can be solved using the overrides field of package.json.

But it would be awesome if it got updated.

"overrides": {
    "@nuxtjs/axios": {
      "axios": "^0.28.0"
    }
  }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants