DXE-4672 bump axios version to fix snyk vulnerability #239

glhrmv · 2025-01-28T15:59:37Z

Hi all, can we get this upgrade in?

https://security.snyk.io/vuln/SNYK-JS-AXIOS-7361793

lsadlon · 2025-01-29T07:37:03Z

Hi @glhrmv

Thanks for reporting it. I created internal ticket to investigate it.

BR,
Lukasz

artbookspirit · 2025-02-12T10:21:46Z

Hi @glhrmv,

For the axios dependency we specify the version range in package.json as ^1.1.2. This allows you to use all versions of axiom with the major number 1, including the newest 1.7.9. Do you encounter any problems updating your project's dependencies?

Thanks,
Piotr

glhrmv · 2025-02-21T10:01:12Z

Hi @artbookspirit,

Good point - I'll get back to you soon to see if an easy rm -rf node_modules/ && npm i resolves this.

lsadlon added the under-investigation label Jan 29, 2025

lsadlon changed the title ~~bump axios version to fix snyk vulnerability~~ DXE-4672 bump axios version to fix snyk vulnerability Jan 29, 2025

glhrmv changed the title ~~DXE-4672 bump axios version to fix snyk vulnerability~~ bump axios version to fix snyk vulnerability Jan 30, 2025

glhrmv changed the title ~~bump axios version to fix snyk vulnerability~~ DXE-4672 bump axios version to fix snyk vulnerability Jan 30, 2025

lkowalsk-akamai-com added the waiting for reporter label Feb 13, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DXE-4672 bump axios version to fix snyk vulnerability #239

DXE-4672 bump axios version to fix snyk vulnerability #239

glhrmv commented Jan 28, 2025

lsadlon commented Jan 29, 2025

artbookspirit commented Feb 12, 2025

glhrmv commented Feb 21, 2025

DXE-4672 bump axios version to fix snyk vulnerability #239

DXE-4672 bump axios version to fix snyk vulnerability #239

Comments

glhrmv commented Jan 28, 2025

lsadlon commented Jan 29, 2025

artbookspirit commented Feb 12, 2025

glhrmv commented Feb 21, 2025