Skip to content

HIGH: axios@1.13.2 — 15 additional SSRF, Prototype Pollution, CRLF & DoS advisories (not in #193) #823

Open
Open
HIGH: axios@1.13.2 — 15 additional SSRF, Prototype Pollution, CRLF & DoS advisories (not in #193)#823
Labels
P1: highbugSomething isn't workingcoreCore sidecar/server logicdependency-vulnerabilityDependency security vulnerability findingseffort: smalltype: security
@realfishsam

Description

@realfishsam
realfishsam
opened on Jun 1, 2026

Vulnerability

Severity: HIGH (all advisories)
Package: axios@1.13.2
Affected component: core
Dependency type: direct (core/package.json"axios": "^1.13.2")

Note: Issue #193 already tracks 5 axios advisories (GHSA-43fc-jf86-j433, GHSA-pf86-5x62-jrwf, GHSA-6chq-wfr3-2hj9, GHSA-q8qp-cvcw-x6jj, GHSA-pmwg-cvhr-8vh7). This issue tracks 15 additional advisories discovered in the same affected version range (1.0.0–1.15.2) that are not covered by #193.

Advisories (all affect axios 1.0.0 – 1.15.2)

Advisory Description
GHSA-3p68-rc4w-qgx5 SSRF — NO_PROXY hostname normalization bypass
GHSA-w9j2-pvgh-6h63 Authentication Bypass via Prototype Pollution in validateStatus
GHSA-3w6x-2g7m-8v23 Invisible JSON Response Tampering via Prototype Pollution in parseResponse
GHSA-xhjh-pmcv-23jw Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams
GHSA-445q-vr5w-6q77 CRLF Injection in multipart/form-data body via unsanitized blob.type
GHSA-m7pr-hjqh-92cm SSRF — no_proxy bypass via IP alias
GHSA-62hf-57xw-28j9 DoS — unbounded recursion in toFormData via deeply nested request data
GHSA-5c9x-8gcm-mpgx HTTP adapter-streamed uploads bypass maxBodyLength when maxRedirects: 0
GHSA-vf2m-468p-8v99 HTTP adapter streamed responses bypass maxContentLength
GHSA-fvcv-3m26-pcqx Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
GHSA-pjwm-pj3p-43mv shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses — SSRF
GHSA-898c-q2cr-xwhg DoS & Header Injection via Prototype Pollution read-side gadgets
GHSA-3g43-6gmg-66jw Credential Theft and Response Hijacking via Prototype Pollution
GHSA-35jp-ww65-95wh Full Man-in-the-Middle via Prototype Pollution Gadget in config
GHSA-xx6v-rp6x-q39c XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in withXSRFToken

Fix

Recommended version: axios ≥1.15.2
Fix command:

npm update axios

Or pin directly in core/package.json: "axios": "^1.15.2"

Risk Assessment

This is a direct runtime dependency. axios is used throughout pmxt-core to make HTTP requests to prediction market APIs (Polymarket, Kalshi, Limitless, etc.). The Prototype Pollution advisories are exploitable if attacker-controlled data reaches axios request configuration or response parsing — a realistic attack surface when consuming external API responses. The multiple SSRF advisories (GHSA-3p68-rc4w-qgx5, GHSA-m7pr-hjqh-92cm, GHSA-pjwm-pj3p-43mv) are relevant if PMXT is deployed behind a proxy to restrict internal network access. The cloud metadata exfiltration advisory (GHSA-fvcv-3m26-pcqx) is critical if deployed in AWS/GCP/Azure environments where the metadata endpoint is accessible.

Found by automated dependency vulnerability scan

Metadata

Metadata

Assignees

No one assigned

    Labels

    P1: highbugSomething isn't workingcoreCore sidecar/server logicdependency-vulnerabilityDependency security vulnerability findingseffort: smalltype: security

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions