IxtliHIGHCVE-2025-58754npmCVSS 7.5
axios
Published
Description
axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL
Affected Versions
>=1.0.0>=0.28.0
FIXED VERSIONS0.30.01.8.21.12.00.30.21.7.4
References
WEBhttps://github.com/axios/axios/security/advisories/GHSA-4hjh-wcwx-xvwjADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-58754WEBhttps://github.com/axios/axios/pull/7011WEBhttps://github.com/axios/axios/pull/7034WEBhttps://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593WEBhttps://github.com/axios/axios/commit/a1b1d3f073a988601583a604f5f9f5d05a3d0b67WEBhttps://github.com/axios/axios/commit/c30252f685e8f4326722de84923fcbc8cf557f06PACKAGEhttps://github.com/axios/axiosWEBhttps://github.com/axios/axios/releases/tag/v0.30.2WEBhttps://github.com/axios/axios/releases/tag/v1.12.0ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-39338WEBhttps://github.com/axios/axios/issues/6463WEBhttps://github.com/axios/axios/pull/6539WEBhttps://github.com/axios/axios/pull/6543WEBhttps://github.com/axios/axios/commit/6b6b605eaf73852fb2dae033f1e786155959de3aWEBhttps://github.com/axios/axios/releasesWEBhttps://github.com/axios/axios/releases/tag/v1.7.4WEBhttps://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.htmlWEBhttps://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-27152WEBhttps://github.com/axios/axios/pull/6829WEBhttps://github.com/axios/axios/commit/02c3c69ced0f8fd86407c23203835892313d7fdeWEBhttps://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00fWEBhttps://github.com/axios/axios/releases/tag/v1.8.2