Skip to content

Commit fca331e

Browse files
JOYclaude
JOY
and
claude
authored
fix: patch axios CVE-2025-62718 via override (#1)
Override axios >=1.15.0 to fix NO_PROXY hostname normalization bypass leading to SSRF. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
1 parent 7e89e38 commit fca331e

2 files changed

Lines changed: 308 additions & 270 deletions

File tree

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -212,7 +212,7 @@
212212
"pnpm": {
213213
"overrides": {
214214
"ws": "8.17.1",
215-
"axios": "1.12.0",
215+
"axios": ">=1.15.0",
216216
"tar-fs": "2.1.4",
217217
"node-forge": "1.3.2",
218218
"brace-expansion": "1.1.12",

0 commit comments

Comments
 (0)