Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axios axios vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-39338
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
Axios Axios
1 Github repository
7.5
CVSSv3
CVE-2019-10742
Axios up to and including 0.18.0 allows malicious users to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.
Axios Axios
6.5
CVSSv3
CVE-2023-45857
An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing malicious users to view sensitive information.
Axios Axios 1.5.1
2 Github repositories
5.9
CVSSv3
CVE-2020-28168
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.
Axios Axios
Siemens Sinec Ins
Siemens Sinec Ins 1.0
1 Github repository
7.5
CVSSv3
CVE-2021-3749
axios is vulnerable to Inefficient Regular Expression Complexity
Axios Axios
Siemens Sinec Ins
Siemens Sinec Ins 1.0
Oracle Goldengate
3 Github repositories
7.7
CVSSv4
CVE-2025-27152
axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leaka...
Axios Axios
1 Github repository
NA
CVE-2024-57965
In axios prior to 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool an...
Axios Axios
6.1
CVSSv3
CVE-2019-7693
Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.aspx Error_Parameters parameter. In some situations, the XSS would be on the family.axioscloud.it cloud service; however, the vendor also supports "Sissi in Rete (con server)" for offline operation.
Axiositalia Registro Elettronico 1.7.0
Axiositalia Registro Elettronico 7.0.0
7.5
CVSSv3
CVE-2019-25069
A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated re...
Axiositalia Registro Elettronico 1.7.0
Axiositalia Registro Elettronico 7.0.0
8.8
CVSSv3
CVE-2019-25068
A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be i...
Axiositalia Registro Elettronico 1.7.0
Axiositalia Registro Elettronico 7.0.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
viasat
dos
cross-site request forgery
teconcetheme
CVE-2025-1565
CVE-2025-28076
firmware
z2d
web server
CVE-2025-2070
CVE-2025-3645
CVE-2025-31324
CVE-2024-6235
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon