Количество 9
Количество 9
BDU:2025-02726
Уязвимость библиотеки axios, связанная с недостаточной проверкой запросов на стороне сервера, позволяющая нарушителю осуществить SSRF-атаку
CVE-2025-27152
axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2.
CVE-2025-27152
axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2.
CVE-2025-27152
axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2.
CVE-2025-27152
axios is a promise based HTTP client for the browser and node.js. The ...
SUSE-SU-2025:1227-1
Security update for pgadmin4
GHSA-jr5f-v2jv-69x6
axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL
SUSE-SU-2025:1326-1
Security update for pgadmin4
SUSE-SU-2025:01326-1
Security update for pgadmin4
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-02726 Уязвимость библиотеки axios, связанная с недостаточной проверкой запросов на стороне сервера, позволяющая нарушителю осуществить SSRF-атаку | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2025-27152 axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2. | 0% Низкий | 6 месяцев назад | |
 | CVE-2025-27152 axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2. | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-27152 axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2. | 0% Низкий | 6 месяцев назад | |
| CVE-2025-27152 axios is a promise based HTTP client for the browser and node.js. The ... | 0% Низкий | 6 месяцев назад | |
 | SUSE-SU-2025:1227-1 Security update for pgadmin4 | 0% Низкий | 5 месяцев назад | |
| GHSA-jr5f-v2jv-69x6 axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 0% Низкий | 6 месяцев назад | |
| SUSE-SU-2025:1326-1 Security update for pgadmin4 | 5 месяцев назад | ||
| SUSE-SU-2025:01326-1 Security update for pgadmin4 | около 1 месяца назад |
Уязвимостей на страницу