VYPR
Unrated severityNVD Advisory· Published Jan 29, 2025· Updated Jan 29, 2025

CVE-2024-57965

CVE-2024-57965

Description

In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Axios/Axiosllm-fuzzy2 versions
    <1.7.8+ 1 more
    • (no CPE)range: <1.7.8
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.