An open index of dependabot pull requests across open source projects.

axios

Ecosystem:
npm
Package URL:
pkg:npm/axios
Total PRs:
71,621 Dependabot PRs
Latest PR:
1 day ago
Unique Repositories:
39,174 repositories
Unique Repos (30 days):
148 repositories
Security Advisories
Axios: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in `withXSRFToken` Boolean Coercion
GHSA-xx6v-rp6x-q39c CVE-2026-42042 MODERATE published 2 months ago • updated 3 days ago
# Vulnerability Disclosure: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in `withXSRFToken` Boolean Coercion ## Summary The Axi...
Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`
GHSA-3w6x-2g7m-8v23 CVE-2026-42044 MODERATE published 2 months ago • updated 17 days ago
# Vulnerability Disclosure: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver` ## Summary The Axios library is vu...
Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter
GHSA-p92q-9vqr-4j8v CVE-2026-44487 HIGH published about 1 month ago • updated 2 days ago
## Summary Axios’s Node.js HTTP adapter may forward a `Proxy-Authorization` header to a redirected origin during specific proxy-to-direct redirect...
Axios is vulnerable to DoS attack through lack of data size check
GHSA-4hjh-wcwx-xvwj CVE-2025-58754 HIGH published 10 months ago • updated 3 days ago
## Summary When Axios runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes...
Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy
GHSA-w9j2-pvgh-6h63 CVE-2026-42041 MODERATE published 2 months ago • updated 17 days ago
# Vulnerability Disclosure: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy ## Summary The Axios library ...
Recent PRs
Package Details
Name: axios
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/axios
JSON API: View JSON
Security Advisories

33

Active advisories
HIGH 17
MODERATE 14
LOW 2
View All npm Advisories
Package Information
Description:

Promise based HTTP client for the browser and node.js

Repository: https://github.com/axios/axios
Homepage: https://axios-http.com
Latest Release: 1.9.0
about 1 year ago
Dependent Repos: 453,457
Dependent Packages: 97,210
Downloads: 273,533,655
Ranking: Top 0.0542% by dependent repos Top 0.0039% by downloads Top 0.0009% by dependent pkgs
PR Status
Open 36,406 (50.8%)
Merged 7,940 (11.1%)
Closed 25,591 (35.7%)
PR Types
Major 7,560 (10.6%)
Minor 54,266 (75.8%)
Patch 5,825 (8.1%)
Removal 2,170 (3.0%)