Skip to content

fix(deps): update dependency axios to v1.12.0 [security] #464

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
chgl merged 1 commit into from
Sep 30, 2025

fix(deps): update dependency axios to v1.12.0 [security]

2ed4bef
Select commit
Loading
Failed to load commit list.
Merged

fix(deps): update dependency axios to v1.12.0 [security] #464

fix(deps): update dependency axios to v1.12.0 [security]
2ed4bef
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / Trivy (MegaLinter REPOSITORY_TRIVY) failed Sep 27, 2025 in 4s

6 new alerts including 6 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 6 high

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 7291 in src/list/package-lock.json

See this annotation in the file changed.

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

nodejs-ws: denial of service when handling a request with many HTTP headers High

Package: ws
Installed Version: 7.5.9
Vulnerability CVE-2024-37890
Severity: HIGH
Fixed Version: 5.2.4, 6.2.3, 7.5.10, 8.17.1
Link: CVE-2024-37890

Check failure on line 11432 in src/list/package-lock.json

See this annotation in the file changed.

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

cross-spawn: regular expression denial of service High

Package: cross-spawn
Installed Version: 7.0.3
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: CVE-2024-21538

Check failure on line 13825 in src/list/package-lock.json

See this annotation in the file changed.

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

cross-spawn: regular expression denial of service High

Package: cross-spawn
Installed Version: 6.0.5
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: CVE-2024-21538

Check failure on line 20558 in src/list/package-lock.json

See this annotation in the file changed.

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

braces: fails to limit the number of characters it can handle High

Package: braces
Installed Version: 2.3.2
Vulnerability CVE-2024-4068
Severity: HIGH
Fixed Version: 3.0.3
Link: CVE-2024-4068

Check failure on line 28595 in src/list/package-lock.json

See this annotation in the file changed.

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

nodejs-ws: denial of service when handling a request with many HTTP headers High

Package: ws
Installed Version: 8.13.0
Vulnerability CVE-2024-37890
Severity: HIGH
Fixed Version: 5.2.4, 6.2.3, 7.5.10, 8.17.1
Link: CVE-2024-37890

Check failure on line 28908 in src/list/package-lock.json

See this annotation in the file changed.

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

nodejs-ws: denial of service when handling a request with many HTTP headers High

Package: ws
Installed Version: 6.2.2
Vulnerability CVE-2024-37890
Severity: HIGH
Fixed Version: 5.2.4, 6.2.3, 7.5.10, 8.17.1
Link: CVE-2024-37890