Vulnerability Intelligence

Public vulnerability intelligence, dependency exposure and research context for npm packages.

🌐

axios

Promise-based HTTP client for browser and Node.js security research

Current tracked

Current tracked 1.18.0

Fixed 1.18.0+

Affected <1.8.2; 1.13.0-1.13.1; <1.15.0; 1.15.0; <1.16.0; malicious: 1.14.1, 0.30.4

Axios is a widely used promise-based HTTP client for browsers and Node.js. It is commonly placed on authentication, API integration, redirect, proxy and service-to-service boundaries. Its current security relevance includes SSRF and credential leakage via URL resolution behavior, proxy and NO_PROXY bypasses, HTTP/2 denial-of-service conditions, header handling risks, and a confirmed 2026 npm supply-chain compromise involving malicious axios versions. Production usage should prefer axios 1.18.0 or later and explicitly block malicious versions 1.14.1 and 0.30.4.

Category HTTP Client

Ecosystem npm / JavaScript

Common usage API clients, frontend requests, backend integrations, authentication flows, redirects, headers, JSON payloads and HTTP automation.

Risk model High-risk dependency when used with SSRF-sensitive flows, proxy rules, redirects, custom headers, credentials or untrusted URL construction.

Why it is widely used

Simple and consistent API compared to native HTTP implementations.

Works across browsers and Node.js with a unified programming model.

Provides built-in handling for JSON payloads, headers, redirects and timeouts.

Supports interceptors for authentication, logging, observability and request manipulation.

Frequently embedded in SDKs, cloud integrations, payment platforms and third-party connectors.

Commonly used in service-to-service architectures and distributed systems.

Acts as a trust-boundary component between user-controlled input and external services.

Frequently appears in SSRF-sensitive request flows and proxy-controlled environments.

Risk score 92

Known issues 17

Exploit maturity Public advisories, confirmed supply-chain compromise, reproducible PoCs and active operational relev

Vulnerability burndown

Critical High Medium

MTTR critical severity

7 days

No data

Library risk age

277 days

92% lower than last month

Total vulnerabilities

17 Vulnerabilities

Critical 2 High 7 Medium 8 Low 0

Severity	Vulnerability name	Library	Surface	Status	Published date	SLA	Tags
Critical	Cross-site Request Forgery	axios@0.22.0	HTTP client	New	May 28, 2025	7 days	CSRF
Critical	Malicious npm Package Versions Delivered Cross-Platform RAT	axios@1.14.1; axios@0.30.4	Supply chain / npm package publication	Remediated	2026-03-31	Remove malicious versions; rotate credentials; rebuild from clean environment	Supply Chain
High	Regular Expression Denial of Service	axios@0.22.0	Regex	New	May 16, 2025	20 days	ReDoS
High	Prototype Pollution (mergeConfig)	axios <0.31.1	Config handling	New	Jun 2025	30 days	Prototype Pollution
High	NO_PROXY Bypass via IPv4-Mapped IPv6 Addresses	axios >=1.0.0 <1.16.0; axios <=0.31.1	Proxy / NO_PROXY handling	Published	2026-05-29	Upgrade to 1.16.0 or 0.32.0	SSRF
High	Incomplete Fix for NO_PROXY Bypass via 127.0.0.0/8 Loopback Subnet	axios 1.15.0	Proxy / NO_PROXY handling	Published	2026-05-05	Upgrade beyond 1.15.0	SSRF
High	Uncontrolled Recursion (toFormData) Validated PoC	axios <0.31.1	Serializer / multipart form-data conversion	Published	2025-06-01	Upgrade to 0.31.1	DoS
High	HTTP Response Splitting via Headers Validated PoC	axios <0.31.0	Headers / CRLF propagation	Published	2025-06-01	Upgrade to 0.31.0	Header Injection
High	SSRF and Credential Leakage via Absolute URL Override	axios <1.8.2	Request URL resolution	Published	2025-03-06	Upgrade to 1.8.2	SSRF
Medium	NO_PROXY Hostname Normalization Bypass Leading to SSRF	axios <1.15.0; axios <0.31.0	Proxy / NO_PROXY handling	Published	2026-04-09	Upgrade to 1.15.0 or 0.31.0	SSRF
Medium	Cloud Metadata Exfiltration via Header Injection Chain	axios >=1.0.0 <1.15.0; axios <0.31.0	Headers / proxy / metadata service	Published	2026-04-09	Upgrade to 1.15.0 or 0.31.0	Header Injection
Medium	HTTP/2 Session Cleanup Denial of Service	axios >=1.13.0 <1.13.2	HTTP/2 adapter	Published	2026-04-08	Upgrade to 1.13.2	DoS
Medium	XSRF Token Leakage via Config Manipulation Validated PoC	axios <0.31.1	HTTP headers / XSRF token propagation	Published	2025-06-01	Upgrade to 0.31.1	Data Leak
Medium	Bypass of maxContentLength (large response) Validated PoC	axios <0.31.1	HTTP adapter / stream response handling	Published	2025-06-01	Upgrade to 0.31.1	DoS
Medium	Bypass of maxBodyLength (upload) Validated PoC	axios <0.31.1	HTTP adapter / streamed upload handling	Published	2025-06-01	Upgrade to 0.31.1	DoS
Medium	Improper Encoding (NUL byte injection) Validated PoC	axios <0.31.1	URL params / AxiosURLSearchParams serialization	Published	2025-06-01	Upgrade to 0.31.1	Encoding
Medium	Server-side Request Forgery (SSRF) Validated PoC	axios <0.30.0	Request handling / user-controlled URL fetching	Published	2025-05-01	Upgrade to 0.30.0	SSRF
No vulnerability records match the selected filter.

FikreSekhel Research

Research Notes

Behavioral findings, exploitability observations and operational dependency intelligence produced by FikreSekhel for this library.

RN-001

Multipart Header Authority in Axios

FormData-derived metadata can override explicitly supplied Authorization headers unless constrained by header policy.

Mitigated Medium Confirmed

FikreSekhel Intelligence analyzed multipart request construction behavior in Axios to evaluate how FormData metadata interacts with application-defined request headers.

Surface Multipart Request Construction

Primitive Header Authority Override

Tested versions axios@1.16.1

Observed behavior

By default, Axios accepted headers returned by FormData.getHeaders() and allowed those values to supersede an explicitly supplied Authorization header. The observed runtime request contained Authorization: Bearer attacker instead of the application-defined Authorization: Bearer legitimate.

Security implication

This behavior may become security-relevant when applications process multipart abstractions from untrusted wrappers, dynamically composed request pipelines, plugin systems, SDKs, middleware, or third-party integrations. The primary risk is header authority confusion rather than direct remote exploitation.

Mitigation

Setting formDataHeaderPolicy to content-only preserved application header authority and prevented arbitrary metadata such as Authorization and X-Evil from being propagated from FormData.getHeaders().

Observed before mitigation

{
  "authorization": "Bearer attacker",
  "x-evil": "controlled",
  "content-type": "multipart/form-data"
}

Observed after mitigation

{
  "authorization": "Bearer legitimate",
  "content-type": "multipart/form-data"
}

View PoC code

import axios from "./index.js";
import FormData from "form-data";

const form = new FormData();
form.append("test", "hello");

const originalGetHeaders = form.getHeaders.bind(form);

form.getHeaders = function () {
  return {
    ...originalGetHeaders(),
    authorization: "Bearer attacker",
    "x-evil": "controlled"
  };
};

axios.post("http://localhost:3000", form, {
  headers: {
    authorization: "Bearer legitimate"
  },
  proxy: false
});

View mitigation code

axios.post("http://localhost:3000", form, {
  headers: {
    authorization: "Bearer legitimate"
  },
  formDataHeaderPolicy: "content-only",
  proxy: false
});

View FRES detection heuristic

Flag JavaScript projects using axios.post/put/patch with FormData and Authorization headers where formDataHeaderPolicy: "content-only" is missing. Increase confidence when getHeaders() is overridden, wrapped, monkey-patched, or exposed through custom upload abstractions.

Trust Boundary 2026-05-25

1 2 3 4

Need private intelligence for your codebase? Request deeper analysis, exploitability review and dependency risk mapping from the Fikresekhel consulting team.