-
Notifications
You must be signed in to change notification settings - Fork 304
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependency axios to v1.7.4 [SECURITY] #3385
base: main
Are you sure you want to change the base?
Conversation
|
aec0892
to
b7d7b54
Compare
b7d7b54
to
892c6c5
Compare
892c6c5
to
946f47d
Compare
946f47d
to
4ec652b
Compare
4ec652b
to
7b57c8d
Compare
7b57c8d
to
f1762f6
Compare
f1762f6
to
84bd0e7
Compare
84bd0e7
to
843fb79
Compare
843fb79
to
d1980ce
Compare
d1980ce
to
3592c40
Compare
3592c40
to
8567424
Compare
8567424
to
5c794a4
Compare
5c794a4
to
baafa2e
Compare
baafa2e
to
67a15a0
Compare
c5fe557
to
2b4f6f0
Compare
2b4f6f0
to
118f496
Compare
118f496
to
dbdc4f8
Compare
dbdc4f8
to
6c679b8
Compare
6c679b8
to
5cffc36
Compare
5cffc36
to
ee6b010
Compare
ee6b010
to
c67e524
Compare
c67e524
to
08ed8d2
Compare
08ed8d2
to
329fea6
Compare
329fea6
to
cf5b3e6
Compare
cf5b3e6
to
b4d3501
Compare
b4d3501
to
cf68c1b
Compare
cf68c1b
to
2cdad51
Compare
2cdad51
to
d3392ed
Compare
This PR contains the following updates:
1.6.8
->1.7.4
GitHub Vulnerability Alerts
CVE-2023-45857
An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
CVE-2024-39338
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
Release Notes
axios/axios (axios)
v1.7.4
Compare Source
Bug Fixes
Contributors to this release
v1.7.3
Compare Source
Bug Fixes
Contributors to this release
v1.7.2
Compare Source
Bug Fixes
Contributors to this release
v1.7.1
Compare Source
Bug Fixes
Contributors to this release
v1.7.0
Compare Source
Features
Bug Fixes
Contributors to this release
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR was generated by Mend Renovate. View the repository job log.