Open GuusDeGraeve opened 4 months ago
The axios version used is vulnerable to Improper Input Validation through sub-dependency follow-redirects. This PR upgrades the axios version in order to mitigate this vulnerability.
axios
follow-redirects
More info: https://nvd.nist.gov/vuln/detail/CVE-2023-26159
@ai-wintermute / @scroll17 can someone possibly review this one? It's quite a high ranked CVE. Thanks!
I don't think this repo is being actively maintained any more but @ai-wintermute can confirm.
The
axios
version used is vulnerable to Improper Input Validation through sub-dependencyfollow-redirects
. This PR upgrades theaxios
version in order to mitigate this vulnerability.More info: https://nvd.nist.gov/vuln/detail/CVE-2023-26159