axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
Package: axios (npm)
Affected versions: >= 1.3.2, <= 1.7.3
Patched version: 1.7.4
Please update the axios package in this repository.
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
Package: axios (npm)
Affected versions: >= 1.3.2, <= 1.7.3
Patched version: 1.7.4
Please update the axios package in this repository.