Package Health

axios

Promise based HTTP client for the browser and node.js

Latest 1.18.1NPMNPM

84%

Total Score

Maintainer Stability
Maintainer Stability
Assesses the consistency and reliability of package maintainers

100

Dependencies
Dependencies
Evaluates the health and security of package dependencies

89

Maturity
Maturity
Indicates package age, release frequency, and adoption metrics

89

Supply Chain
Supply Chain
Evaluates supply chain security practices and risks

56

Attestations
Attestations
Measures the presence and validity of package attestations and signatures

100

Are you affected? Scan for Free

Vulnerabilities

TitleVersionsSeverity
AIKIDO-2026-291630 Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
axios is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in versions 0.19.1 - 1.17.0.
0.19.1 - 1.17.0
High
AIKIDO-2026-38469 Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
axios is vulnerable to Server-Side Request Forgery (SSRF) in versions 0.19.1 - 1.17.0.
0.19.1 - 1.17.0
Medium
CVE-2026-44496
axios is vulnerable to Uncontrolled Resource Consumption in versions 1.0.0 - 1.16.0 and 0.0.0 - 0.31.1.
0.0.0 - 0.31.11.0.0 - 1.16.0
High
CVE-2026-44488
axios is vulnerable to Allocation of Resources Without Limits or Throttling in versions 1.7.0 - 1.16.0.
1.7.0 - 1.16.0
High
CVE-2026-44487
axios is vulnerable to Insertion of Sensitive Information Into Sent Data in versions 1.0.0 - 1.16.0 and 0.0.0 - 0.31.1.
0.0.0 - 0.31.11.0.0 - 1.16.0
High

Package versions

Maintainers

Direct Dependencies

DependencyLast ReleaseScore
form-data
Version ^4.0.5
proxy-from-env
Version ^2.1.0
follow-redirects
Version ^1.16.0
https-proxy-agent
Version ^5.0.1

Weekly Downloads

Info

Last Published
26 days ago
Created
11 years ago
Unpacked Size
1.7 MB