Skip to content

Axios Dependency Package Version Update #18

Description

@CSLim98

The axios package being used having high severity vulnerabilities.

# npm audit report

axios <=1.8.1
Severity: high
Axios Cross-Site Request Forgery Vulnerability - GHSA-wf5p-g6vw-rhxx
axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL - GHSA-jr5f-v2jv-69x6
No fix available
node_modules/@tuya/tuya-connector-nodejs/node_modules/axios
@tuya/tuya-connector-nodejs *
Depends on vulnerable versions of axios
node_modules/@tuya/tuya-connector-nodejs

2 high severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions