We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The npm package axios, versions 1.3.2 to 1.7.3, has been reported to have a high-severity vulnerability - Server-Side Request Forgery.
1.3.2
1.7.3
sendgrid-client is currently configured with axios 1.6.8
sendgrid-client
axios 1.6.8
To avoid using vulnerable versions of axios, I suggest updating axios to the lastest version, 1.7.4.
1.7.4
The text was updated successfully, but these errors were encountered:
Same issue here, flagged by Mend during the build process
CVE-2024-39338
Sorry, something went wrong.
Adding to the comments here, also pointing out that this is required as a High-security vulnerability in Snyk.io:
https://security.snyk.io/vuln/SNYK-JS-AXIOS-7361793
No branches or pull requests
The npm package axios, versions
1.3.2
to1.7.3
, has been reported to have a high-severity vulnerability - Server-Side Request Forgery.sendgrid-client
is currently configured withaxios 1.6.8
To avoid using vulnerable versions of axios, I suggest updating axios to the lastest version,
1.7.4
.The text was updated successfully, but these errors were encountered: