Skip to content

Commit c4ae860

Browse files
avinash-bharticlaude
avinash-bharti
and
claude
committed
fix: add axios override to patch SSRF vulnerability (APS-18720)
Adds npm override for axios >=1.15.0 to fix GHSA-3p68-rc4w-qgx5 (NO_PROXY hostname normalization bypass leads to SSRF). The package is a transitive dev dependency. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 3584970 commit c4ae860

1 file changed

Lines changed: 2 additions & 1 deletion

File tree

package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@
2929
"dotenv": "^16.0.0"
3030
},
3131
"overrides": {
32-
"serialize-javascript": ">=7.0.3"
32+
"serialize-javascript": ">=7.0.3",
33+
"axios": ">=1.15.0"
3334
}
3435
}

0 commit comments

Comments
 (0)