Axios high severity vulnerability

rubystarashe / nuxt-vuex-localstorage

MIT License

161 stars 18 forks source link

Axios high severity vulnerability #26

Closed justinwride closed 3 years ago

justinwride commented 3 years ago

The current version of the "axios" dependency is "^0.19.2". This version contains a high severity vulnerability for Server-Side Request Forgery (SSRF).

The vulnerability is fixed in version "0.21.1" or later.

See https://npmjs.com/advisories/1594

sdailly commented 3 years ago

Any news about this issue ?

justinwride commented 3 years ago

Opened PR to address the issue. https://github.com/rubystarashe/nuxt-vuex-localstorage/pull/30

davidFagerburg commented 3 years ago

Can we get this merged in? It would be really great @rubystarashe

code-leen commented 3 years ago

Would highly appreciate this getting merged in! @rubystarashe pls and thank u

rubystarashe commented 3 years ago

@justinwride @davidFagerburg @colleenkingcode Thank you and sorry for late... I've been busy.