Dependabot Alert: Server-Side Request Forgery in axios #686

JennaySDavis · 2024-08-15T16:34:20Z

Axios 1.7.2 allows SSRF via unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs.

JennaySDavis · 2024-08-19T13:46:41Z

#686 Acceptance Criteria

Pass/Fail	Description
Pass	Full Regression Testing of Program Website

Comments/Additional Notes
N/A

ADA Compliance (Automated scan via Chrome Lighthouse)

Criteria	Score
Performance	99
Accessibility	100
Best Practices	100

Passed 08/19/2024 - JSD

Convert PDF: Fleet > Helpful Hints #586 Convert PDF: Purchase > Helpful Hints #584 Convert PDF: Helpful Hints for Purchase Account Use #605 Convert PDF: Helpful Hints for Fleet Account Use #607 Convert PDF: Helpful Hints for Travel Account Use #606 California Tax #688 Dependabot Alert: Server-Side Request Forgery in axios #686 Update to the latest version of USWDS 3.8.2 | Program #681 Citi Bank Address #662 Update Forum 2025 #655 Replace Audit PDF DOI #667 Replace HUD Travel Audit PDF #663 Replace SSA Audit PDF #668 Replace GSA OIG Audit PDF #666 GSA 2018 Audit Replace PDF #665 2019 Audit DOD Replace PDF #664

johnbeallgsa · 2024-08-23T13:26:45Z

Thanks for explaining this in the Demo. Moving to Done.

JennaySDavis added the Dependabot Alert label Aug 15, 2024

john-labbate self-assigned this Aug 19, 2024

john-labbate added the Sprint 37 label Aug 19, 2024

JennaySDavis assigned LoraBradford Aug 19, 2024

john-labbate mentioned this issue Aug 22, 2024

gsa/production-release #692

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependabot Alert: Server-Side Request Forgery in axios #686

Dependabot Alert: Server-Side Request Forgery in axios #686

JennaySDavis commented Aug 15, 2024

JennaySDavis commented Aug 19, 2024

johnbeallgsa commented Aug 23, 2024