Merge pull request #108 from Hexastack/107-issue-ssrf-in-axios

fix(frontend): axios SSRF vulnerability
2024-11-24 04:53:41 +00:00 · 2024-09-30 11:09:32 +01:00 · 2024-09-30 11:09:32 +01:00 · 170eccc0f6
commit 170eccc0f6
parent ddcc9757ef 11a4daca43
2 changed files with 5 additions and 6 deletions
--- a/frontend/package.json
+++ b/frontend/package.json
@ -26,7 +26,7 @@
    "@projectstorm/react-canvas-core": "^7.0.3",
    "@projectstorm/react-diagrams": "^7.0.4",
    "@types/qs": "^6.9.15",
-    "axios": "^1.6.8",
+    "axios": "^1.7.7",
    "eazychart-css": "^0.2.1-alpha.0",
    "eazychart-react": "^0.8.0-alpha.0",
    "hexabot-widget": "*",
--- a/package-lock.json
+++ b/package-lock.json
@ -35,7 +35,7 @@
        "@projectstorm/react-canvas-core": "^7.0.3",
        "@projectstorm/react-diagrams": "^7.0.4",
        "@types/qs": "^6.9.15",
-        "axios": "^1.6.8",
+        "axios": "^1.7.7",
        "eazychart-css": "^0.2.1-alpha.0",
        "eazychart-react": "^0.8.0-alpha.0",
        "hexabot-widget": "*",
@ -3044,10 +3044,9 @@
      }
    },
    "node_modules/axios": {
-      "version": "1.7.4",
+      "version": "1.7.7",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.7.tgz",
-      "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==",
+      "integrity": "sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q==",
      "license": "MIT",
      "dependencies": {
        "follow-redirects": "^1.15.6",
        "form-data": "^4.0.0",