You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Axios version 0.19.2 has a vulnarability to SSRF as described further in PR #3410 on the axios repo.
Motivation
This is a severe vulnarability, the dependabot has attempted to update the package in PR #4 but the several tests failed in the build pipelines
Contribution
I can manually update axios package version to the lowest version that has the vulnarability patched. Also by changing some tests to handle current response formats from africastalking APIs. For example:
Token: test 'generates auth token' expects result to contain key 'lifetimeInSeconds' but this is not part of response
The text was updated successfully, but these errors were encountered:
Mwandia
changed the title
Severe vulnarability in axios
Vulnarability in axios
Nov 11, 2022
Axios version 0.19.2 has a vulnarability to SSRF as described further in PR #3410 on the axios repo.
Motivation
This is a severe vulnarability, the dependabot has attempted to update the package in PR #4 but the several tests failed in the build pipelines
Contribution
I can manually update axios package version to the lowest version that has the vulnarability patched. Also by changing some tests to handle current response formats from africastalking APIs. For example:
The text was updated successfully, but these errors were encountered: