You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At least GHSA-wf5p-g6vw-rhxx has been fixed in there. axios/axios#6131 has only been fixed in 1.6.3 but upgrading to this version would probably be a breaking change and it is "only" a ReDoS attack.
What happened?
Description
axios 0.27.2 has these two vulnerabilities:
Please upgrade axios to 0.28.1
cms/package.json
Line 36 in 4b05a2f
At least GHSA-wf5p-g6vw-rhxx has been fixed in there. axios/axios#6131 has only been fixed in 1.6.3 but upgrading to this version would probably be a breaking change and it is "only" a ReDoS attack.
Steps to reproduce
axios.VERSION
Craft CMS version
4.10.7
PHP version
No response
Operating system and version
No response
Database type and version
No response
Image driver and version
No response
Installed plugins and versions
No response
The text was updated successfully, but these errors were encountered: