[DepShield] (CVSS 7.5) Vulnerability due to usage of axios:0.18.1

**Vulnerabilities**

DepShield reports that this application's usage of [axios:0.18.1](https://ossindex.sonatype.org/component/pkg:npm/axios@0.18.1) results in the following vulnerability(s):

- (CVSS **7.5**) [[CVE-2021-3749] axios is vulnerable to Inefficient Regular Expression Complexity](https://ossindex.sonatype.org/vuln/b8488bde-055b-4c39-831a-f81d10fe6940)
- (CVSS **7.3**) [CWE-918: Server-Side Request Forgery (SSRF)](https://ossindex.sonatype.org/vuln/293be0b3-9672-4e36-b530-44be7f592d0a)

<hr />

**Occurrences**

axios:0.18.1 is a transitive dependency introduced by the following direct dependency(s):

• **[ibm-watson:5.7.3](https://ossindex.sonatype.org/component/pkg:npm/ibm-watson@5.7.3)**
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;└─ [ibm-cloud-sdk-core:2.4.4](https://ossindex.sonatype.org/component/pkg:npm/ibm-cloud-sdk-core@2.4.4)
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;└─ [axios:0.18.1](https://ossindex.sonatype.org/component/pkg:npm/axios@0.18.1)

<sub>This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for [personal](https://help.github.com/articles/managing-your-personal-account-s-apps/) and [organization](https://help.github.com/articles/managing-your-organization-s-apps/) accounts. Please submit questions or feedback about DepShield to the [Sonatype DepShield Community](https://community.sonatype.com/c/depshield).</sub>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[DepShield] (CVSS 7.5) Vulnerability due to usage of axios:0.18.1 #33

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[DepShield] (CVSS 7.5) Vulnerability due to usage of axios:0.18.1 #33

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions