How to resolve high-severity SSRF vulnerability in @memberstack/dom package caused by outdated axios dependency?

The @memberstack/dom package currently depends on axios versions 1.3.2 - 1.7.3, which contain a high-severity Server-Side Request Forgery (SSRF) vulnerability. This security issue was identified through npm audit.

Could you please update the axios dependency to a patched version to resolve this security concern? This will help protect all projects currently using @memberstack/dom.

2 comments

  • Memberstack Team (Official comment)

  • Duncan from Memberstack

    Thank you for letting us know! I will share this with the engineering team and get back ASAP. 

    1
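
An added example (not part of the original thread and not Memberstack's code): a Node.js check that lists every axios copy recorded in a parsed package-lock.json and flags those inside the 1.3.2 - 1.7.3 range quoted in the question. It assumes lockfileVersion 2 or 3; the function names, status labels and sample lockfile are constructed for illustration.

```javascript
// Range quoted in the question; versions inside it are reported as "vulnerable".
const VULN_MIN = [1, 3, 2];
const VULN_MAX = [1, 7, 3];

// "1.7.2" -> [1, 7, 2]; anything else (prerelease tags, git URLs) -> null.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

function classify(version) {
  const v = parseVersion(version);
  if (!v) return "unknown"; // flag for manual review instead of passing silently
  const inRange = compare(v, VULN_MIN) >= 0 && compare(v, VULN_MAX) <= 0;
  return inRange ? "vulnerable" : "outside-range";
}

// lock: parsed package-lock.json (lockfileVersion 2 or 3 has a flat "packages" map).
function findAxios(lock) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    // Match every installed copy, including ones nested under another package.
    if (path === "node_modules/axios" || path.endsWith("/node_modules/axios")) {
      findings.push({ path, version: meta.version, status: classify(meta.version) });
    }
  }
  return findings;
}

// Constructed sample lockfile (placeholder versions, not from a real project).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app" },
    "node_modules/@memberstack/dom": { version: "0.0.0-sample" },
    "node_modules/@memberstack/dom/node_modules/axios": { version: "1.6.8" },
    "node_modules/axios": { version: "1.2.6" },
    "node_modules/other/node_modules/axios": { version: "1.7.0-beta.1" },
  },
};

for (const f of findAxios(sampleLock)) console.log(f.status, f.version, f.path);
```

To check a real project, pass the result of `JSON.parse` on the contents of its package-lock.json to `findAxios`.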
