Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-11-06T19:22:38

Updated: 2024-08-04T16:33:57.813Z

Reserved: 2020-11-02T00:00:00

Link: CVE-2020-28168

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-11-06T20:15:13.163

Modified: 2024-11-21T05:22:25.573

Link: CVE-2020-28168

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-10-29T00:00:00Z

Links: CVE-2020-28168 - Bugzilla