Skip to content

Update dependency axios to ^0.31.0 [SECURITY] #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from

Update dependency axios to ^0.31.0 [SECURITY]

972196c
Select commit
Loading
Failed to load commit list.
Open

Update dependency axios to ^0.31.0 [SECURITY] #7

Update dependency axios to ^0.31.0 [SECURITY]
972196c
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / WhiteSource Security Check failed Apr 27, 2026 in 22m 27s

Security Report

You have successfully remediated 5 vulnerabilities, but introduced 10 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue
CVE-2026-42035

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

High 7.4 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42033

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

High 7.4 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42043

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

High 7.2 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42038

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

Medium 6.8 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42042

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

Medium 5.4 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42039

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

Medium 5.3 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42036

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

Medium 5.3 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42034

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

Medium 5.3 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42041

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

Medium 4.8 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None
CVE-2026-42040

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

-> ❌ axios-0.31.1.tgz (Vulnerable Library)

Low 3.7 Direct axios-0.31.1.tgz axios-0.31.1.tgz 1.15.1 None

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2023-26159 follow-redirects-1.13.0.tgz
CVE-2022-0155 follow-redirects-1.13.0.tgz
CVE-2022-0536 follow-redirects-1.13.0.tgz
CVE-2024-28849 follow-redirects-1.13.0.tgz
CVE-2026-40895 follow-redirects-1.13.0.tgz

Base branch total remaining vulnerabilities: 19
Base branch commit: 9747f642e0c7071927887b37359653c28972ea6a


Total libraries scanned: 79

Scan token: c01e6d9a61954243bc75278220ebc0f6

View more details on Mend Bolt for GitHub