The following is coming back from an NPM audit report against the latest version of this library (0.1.0). If this is still supported it'd be nice if we could get these resolved.
# npm audit report
axios <=0.21.1
Severity: high
Denial of Service in axios - https://github.com/advisories/GHSA-42xw-2xvc-qx8m
Axios vulnerable to Server-Side Request Forgery - https://github.com/advisories/GHSA-4w2v-q235-vp99
axios Inefficient Regular Expression Complexity vulnerability - https://github.com/advisories/GHSA-cph5-m8f7-6c5x
Depends on vulnerable versions of follow-redirects
No fix available
node_modules/zipkin-instrumentation-axios/node_modules/axios
zipkin-instrumentation-axios *
Depends on vulnerable versions of axios
Depends on vulnerable versions of zipkin
node_modules/zipkin-instrumentation-axios
follow-redirects <=1.14.7
Severity: high
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects - https://github.com/advisories/GHSA-pw2r-vq6v-hr8c
Exposure of sensitive information in follow-redirects - https://github.com/advisories/GHSA-74fj-2j2h-c42q
No fix available
node_modules/zipkin-instrumentation-axios/node_modules/follow-redirects
ws <=1.1.4
Severity: high
Denial of Service in ws - https://github.com/advisories/GHSA-5v72-xg48-5rpm
Remote Memory Disclosure in ws - https://github.com/advisories/GHSA-2mhh-w6q8-5hxw
DoS due to excessively large websocket message in ws - https://github.com/advisories/GHSA-6663-c963-2gqg
fix available via `npm audit fix`
node_modules/thrift/node_modules/ws
thrift 0.9.3 - 0.10.0
Depends on vulnerable versions of ws
node_modules/thrift
zipkin 0.1.9 - 0.9.0
Depends on vulnerable versions of thrift
node_modules/zipkin-instrumentation-axios/node_modules/zipkin
The following is coming back from an NPM audit report against the latest version of this library (0.1.0). If this is still supported it'd be nice if we could get these resolved.