chore(deps): update dependency axios to v1.6.0 [security]#108
Open
renovate[bot] wants to merge 1 commit into
Open
chore(deps): update dependency axios to v1.6.0 [security]#108renovate[bot] wants to merge 1 commit into
renovate[bot] wants to merge 1 commit into
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
November 16, 2023 11:50
1d2daa6 to
0d5adc1
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
January 28, 2024 12:41
0d5adc1 to
ba95b21
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
March 20, 2024 14:03
ba95b21 to
3d1386b
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
June 4, 2024 12:05
3d1386b to
754cede
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
August 6, 2024 08:14
754cede to
4f84cee
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
August 28, 2024 09:38
4f84cee to
b3c5032
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
October 9, 2024 11:16
b3c5032 to
3a42b8f
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
December 2, 2024 11:47
3a42b8f to
06c5e18
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
January 23, 2025 17:50
06c5e18 to
1d2d694
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
January 30, 2025 17:14
1d2d694 to
36a3d21
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
March 3, 2025 11:43
36a3d21 to
b32344a
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
March 8, 2025 14:06
b32344a to
002e476
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
March 11, 2025 10:27
002e476 to
a055a5a
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
May 28, 2025 09:46
e7d9991 to
23f387e
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
June 4, 2025 10:16
23f387e to
379da20
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
June 22, 2025 15:28
379da20 to
834d681
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
July 2, 2025 19:15
834d681 to
5a41a67
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
2 times, most recently
from
August 13, 2025 14:12
21dbe2a to
d28784d
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
August 31, 2025 13:37
d28784d to
5afd9a4
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
September 25, 2025 16:02
5afd9a4 to
92d9b6f
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
October 21, 2025 15:41
92d9b6f to
dbb64db
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
November 11, 2025 00:58
dbb64db to
792da07
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
November 18, 2025 10:12
792da07 to
2a214a4
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
December 3, 2025 18:24
2a214a4 to
61d3b82
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
2 times, most recently
from
December 31, 2025 19:39
3485bc6 to
eb24aca
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
January 8, 2026 19:08
eb24aca to
784c675
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
2 times, most recently
from
January 23, 2026 20:06
5f05f10 to
f78be8c
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
February 2, 2026 18:24
f78be8c to
4eda728
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
2 times, most recently
from
February 17, 2026 20:55
f6931c7 to
803f15b
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
March 5, 2026 15:06
803f15b to
277f0f2
Compare
renovate
Bot
force-pushed
the
renovate/npm-axios-vulnerability
branch
from
March 13, 2026 11:52
277f0f2 to
ca3ae16
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.1.3→1.6.0Axios Cross-Site Request Forgery Vulnerability
CVE-2023-45857 / GHSA-wf5p-g6vw-rhxx
More information
Details
An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
Release Notes
axios/axios (axios)
v1.6.0Compare Source
Features
Contributors to this release
1.6.8 (2024-03-15)
Bug Fixes
Contributors to this release
1.6.7 (2024-01-25)
Bug Fixes
Contributors to this release
1.6.6 (2024-01-24)
Bug Fixes
Contributors to this release
1.6.5 (2024-01-05)
Bug Fixes
Contributors to this release
1.6.4 (2024-01-03)
Bug Fixes
Contributors to this release
1.6.3 (2023-12-26)
Bug Fixes
Contributors to this release
1.6.2 (2023-11-14)
Features
withCredentialsbehavior; (#6046) (cff9967)PRs
Contributors to this release
1.6.1 (2023-11-08)
Bug Fixes
Contributors to this release
PRs
v1.5.1Compare Source
Bug Fixes
PRs
Contributors to this release
1.5.1 (2023-09-26)
Bug Fixes
Content-Typeheader for FormData in non-browser environments; (#5917) (bc9af51)content-encodingheader to handle case-insensitive values (#5890) (#5892) (4c89f25)Contributors to this release
PRs
v1.5.0Compare Source
Bug Fixes
PRs
Contributors to this release
1.5.1 (2023-09-26)
Bug Fixes
Content-Typeheader for FormData in non-browser environments; (#5917) (bc9af51)content-encodingheader to handle case-insensitive values (#5890) (#5892) (4c89f25)Contributors to this release
PRs
v1.4.0Compare Source
Bug Fixes
multipart/form-datacontent type for FormData payload on custom client environments; (#5678) (bbb61e7)Features
AxiosHeaderValuetype. (#5525) (726f1c8)Performance Improvements
Contributors to this release
PRs
1.3.6 (2023-04-19)
Bug Fixes
toStringmethod on the target; (#5661) (aa372f7)Contributors to this release
PRs
1.3.5 (2023-04-05)
Bug Fixes
paramsSerializerconfig; (#5633) (a56c866)Contributors to this release
PRs
1.3.4 (2023-02-22)
Bug Fixes
Contributors to this release
PRs
1.3.3 (2023-02-13)
Bug Fixes
Contributors to this release
PRs
1.3.2 (2023-02-03)
Bug Fixes
ERR_INVALID_URLerror; (#5528) (128d56f)Contributors to this release
PRs
1.3.1 (2023-02-01)
Bug Fixes
Contributors to this release
PRs
v1.3.6Compare Source
Bug Fixes
multipart/form-datacontent type for FormData payload on custom client environments; (#5678) (bbb61e7)Features
AxiosHeaderValuetype. (#5525) (726f1c8)Performance Improvements
Contributors to this release
PRs
1.3.6 (2023-04-19)
Bug Fixes
toStringmethod on the target; (#5661) (aa372f7)Contributors to this release
PRs
1.3.5 (2023-04-05)
Bug Fixes
paramsSerializerconfig; (#5633) (a56c866)Contributors to this release
PRs
1.3.4 (2023-02-22)
Bug Fixes
Contributors to this release
PRs
1.3.3 (2023-02-13)
Bug Fixes
Contributors to this release
PRs
1.3.2 (2023-02-03)
Bug Fixes
ERR_INVALID_URLerror; (#5528) (128d56f)Contributors to this release
PRs
1.3.1 (2023-02-01)
Bug Fixes
Contributors to this release
PRs
v1.3.5Compare Source
Bug Fixes
multipart/form-datacontent type for FormData payload on custom client environments; (#5678) (bbb61e7)Features
AxiosHeaderValuetype. (#5525) (726f1c8)Performance Improvements
Contributors to this release
PRs
1.3.6 (2023-04-19)
Bug Fixes
toStringmethod on the target; (#5661) (aa372f7)Contributors to this release
PRs
1.3.5 (2023-04-05)
Bug Fixes
paramsSerializerconfig; (#5633) (a56c866)Contributors to this release
PRs
1.3.4 (2023-02-22)
Bug Fixes
Contributors to this release
PRs
1.3.3 (2023-02-13)
Bug Fixes
Contributors to this release
PRs
1.3.2 (2023-02-03)
Bug Fixes
ERR_INVALID_URLerror; (#5528) (128d56f)Contributors to this release
PRs
1.3.1 (2023-02-01)
Bug Fixes
Contributors to this release
PRs
v1.3.4Compare Source
Bug Fixes
multipart/form-datacontent type for FormData payload on custom client environments; (#5678) (bbb61e7)Features
AxiosHeaderValuetype. (#5525) (726f1c8)Performance Improvements
Contributors to this release
PRs
1.3.6 (2023-04-19)
Bug Fixes
toStringmethod on the target; (#5661) (aa372f7)Contributors to this release
PRs
1.3.5 (2023-04-05)
Bug Fixes
paramsSerializerconfig; (#5633) (a56c866)Contributors to this release
PRs
1.3.4 (2023-02-22)
Bug Fixes
Contributors to this release
Configuration
📅 Schedule: (in timezone Asia/Kolkata)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.