chore(deps): update dependency axios to 0.21.1 [security] #16

renovate · 2021-06-23T02:54:07Z

This PR contains the following updates:

Package	Change
axios	`0.19.2` -> `0.21.1`

GitHub Vulnerability Alerts

CVE-2020-28168

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.

Configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box.

This PR has been generated by WhiteSource Renovate. View repository job log here.

renovate bot force-pushed the renovate/npm-axios-vulnerability branch from d17cdcf to 817e253 Compare June 23, 2021 03:32

chore(deps): update dependency axios to 0.21.1 [security]

a4e5aaa

renovate bot force-pushed the renovate/npm-axios-vulnerability branch from 817e253 to a4e5aaa Compare June 23, 2021 03:37

mdnorman merged commit 5d0ebe8 into master Jun 23, 2021

mdnorman deleted the renovate/npm-axios-vulnerability branch June 23, 2021 03:38

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency axios to 0.21.1 [security] #16

chore(deps): update dependency axios to 0.21.1 [security] #16

renovate bot commented Jun 23, 2021 •

edited

Loading

chore(deps): update dependency axios to 0.21.1 [security] #16

chore(deps): update dependency axios to 0.21.1 [security] #16

Conversation

renovate bot commented Jun 23, 2021 • edited Loading

GitHub Vulnerability Alerts

CVE-2020-28168

Configuration

renovate bot commented Jun 23, 2021 •

edited

Loading