
[Aikido] Fix 19 critical issues in form-data, @actions/github, @slack/web-api and 4 more #6

Closed

aikido-autofix[bot] wants to merge 1 commit into main from fix/aikido-security-update-packages-29018358-8qj7

[Aikido] Fix 19 critical issues in form-data, @actions/github, @slack/web-api and 4 more#6
aikido-autofix[bot] wants to merge 1 commit into
mainfrom
fix/aikido-security-update-packages-29018358-8qj7

Conversation

aikido-autofix (bot) commented May 1, 2026

Upgrade dependencies to fix critical SSRF/proxy bypass and RCE vulnerabilities in Axios, HTTP Parameter Pollution in form-data, and prototype pollution attacks across multiple packages.

⚠️ Incomplete breaking changes analysis (3/7 analyzed)

⚠️ Breaking changes analysis not available for: form-data, @actions/github, @slack/web-api, @babel/traverse

✅ The axios upgrade from 0.19.2 to 0.31.1 and form-data upgrade from 2.5.1 to 2.5.4 do not introduce breaking changes that affect this codebase.

Analysis:

This codebase does not directly use axios or form-data. These packages are transitive dependencies through @slack/web-api v5.15.0, which is bundled in dist/index.js.

The code in @slack/web-api that uses these packages:

  • Creates FormData instances and uses form.append() and form.getHeaders() methods (dist/index.js)

  • Deletes the Content-Type header from axios defaults to let the serializer set it appropriately

  • Uses axios for HTTP requests with error handling that checks error.request property

Breaking changes reviewed:

  1. axios (0.27.0): Removed functionality that removed Content-Type header when passing FormData - The @slack/web-api code explicitly deletes Content-Type from axios defaults and manages it through its own serializeApiCallOptions method, so this change doesn't affect it.

  2. axios (0.27.0): Refactored error handling implementing AxiosError as a constructor - The code only checks for error.request property existence, which remains available in the new AxiosError implementation.

  3. form-data (2.5.4): setBoundary() validation - The codebase never calls setBoundary() method; it only uses append() and getHeaders().

  4. axios type changes (0.23.0, 0.24.0): TypeScript type changes - This is a JavaScript project without TypeScript source files, so type changes don't affect it.

All other changelog entries are bug fixes, new features, or internal improvements that don't break existing functionality.

All breaking changes by upgrading axios from version 0.19.2 to 0.31.1 (CHANGELOG)

| Version | Description |
|---|---|
| 0.23.0 | Distinguish request and response data types |
| 0.23.0 | Change never type to unknown |
| 0.23.0 | Fixed TransitionalOptions typings |
| 0.24.0 | Revert: change type of AxiosResponse to any |
| 0.25.0 | Fixing maxBodyLength enforcement |
| 0.25.0 | Don't rely on strict mode behaviour for arguments |
| 0.25.0 | Adding error handling when missing url |
| 0.25.0 | Update isAbsoluteURL.js removing escaping of non-special characters |
| 0.25.0 | Use native Array.isArray() in utils.js |
| 0.25.0 | Adding error handling inside stream end callback |
| 0.27.0 | New toFormData helper function that allows the implementor to pass an object and allow axios to convert it to FormData |
| 0.27.0 | Removed functionality that removed the Content-Type request header when passing FormData |
| 0.27.0 | Refactored error handling implementing AxiosError as a constructor |
| 0.27.0 | Separated responsibility for FormData instantiation between transformRequest and toFormData |
| 0.27.0 | Improved and fixed multiple issues with FormData support |

✅ 19 CVEs resolved by this upgrade, including 2 critical 🚨 CVEs

This PR will resolve the following CVEs:

| Issue | Severity | Package | Description |
|---|---|---|---|
| CVE-2025-62718 | 🚨 CRITICAL | axios | Improper hostname normalization in NO_PROXY rule checking allows requests to loopback addresses (localhost., [::1]) to bypass proxy protections, enabling proxy bypass and potential SSRF attacks against internal services. This vulnerability permits attackers to reach sensitive services despite configured NO_PROXY protections. |
| CVE-2026-40175 | HIGH | axios | A prototype pollution vulnerability in Axios can be exploited through gadget chains to escalate into Remote Code Execution (RCE) or bypass AWS IMDSv2 for cloud compromise. This affects any third-party dependencies using the library. |
| CVE-2026-25639 | HIGH | axios | The mergeConfig function crashes with a TypeError when processing configuration objects containing `__proto__` as an own property, allowing attackers to trigger denial of service. An attacker can exploit this by providing a malicious configuration object created via JSON.parse(). |
| CVE-2023-45857 | MEDIUM | axios | An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host, allowing attackers to view sensitive information. |
| AIKIDO-2025-10185 | MEDIUM | axios | A server-side request forgery (SSRF) vulnerability exists due to allowAbsoluteUrls not being set to false by default in buildFullPath(), allowing attackers to bypass URL restrictions and process unintended URLs. |
| CVE-2020-28168 | MEDIUM | axios | NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. |
| CVE-2025-27152 | MEDIUM | axios | Axios sends requests to absolute URLs even when baseURL is configured, bypassing intended routing and potentially causing Server-Side Request Forgery (SSRF) and credential leakage in both server and client environments. |
| AIKIDO-2026-10509 | MEDIUM | axios | Prototype pollution vulnerability allows attackers to inject malicious headers into requests through unsafe FormData detection and header merging, potentially enabling authorization bypass or request manipulation. |
| CVE-2021-3749 | LOW | axios | axios is vulnerable to Inefficient Regular Expression Complexity. |
| AIKIDO-2023-10001 | LOW | axios | Prototype pollution vulnerability in the formDataToJSON function allows attackers to manipulate object properties. Additionally, a ReDoS vulnerability in combineURLs can cause denial of service through malicious input. |
| CVE-2025-7783 | 🚨 CRITICAL | form-data | Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program file lib/form_data.js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3. |
| CVE-2020-8203 | HIGH | lodash.set | Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. |
| GHSA-r4q5-vmmm-2653 | MEDIUM | follow-redirects | Custom authentication headers (e.g., X-API-Key, X-Auth-Token) are leaked to redirect targets on cross-domain redirects because only standard headers are stripped. This enables attackers to capture sensitive credentials through malicious redirects. |
| CVE-2024-28849 | MEDIUM | follow-redirects | Authorization credentials in the proxy-authentication header are leaked during cross-domain redirects because the header is not cleared like the authorization header. This allows attackers to obtain sensitive proxy credentials. |
| CVE-2023-26159 | MEDIUM | follow-redirects | Improper URL parsing allows attackers to manipulate hostname interpretation, enabling traffic redirection to malicious sites for phishing, information disclosure, or other attacks. |
| CVE-2022-0536 | MEDIUM | follow-redirects | Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8. |
| AIKIDO-2025-10745 | MEDIUM | @babel/traverse | A vulnerability allows remote code execution during compilation when processing malicious input with certain plugins that use internal evaluation methods. This affects plugins like @babel/plugin-transform-runtime and @babel/preset-env with the useBuiltIns option. |
| CVE-2024-21538 | LOW | cross-spawn | A Regular Expression Denial of Service (ReDoS) vulnerability exists due to improper input sanitization, allowing attackers to craft malicious strings that cause excessive CPU usage and program crashes. This vulnerability enables denial of service attacks through crafted input. |
| CVE-2022-25883 | LOW | semver | Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. |

Comment thread package-lock.json

CVE-2025-25288 in @octokit/plugin-paginate-rest - low severity
@octokit/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and prior to 11.4.1 of the npm package @octokit/plugin-paginate-rest, when calling octokit.paginate.iterator(), a specially crafted octokit instance—particularly with a malicious link parameter in the headers section of the request—can trigger a ReDoS attack. Version 11.4.1 contains a fix for the issue.


Remediation: Aikido suggests bumping this package to version 9.2.2 to resolve this issue.

Reply @AikidoSec ignore: [REASON] to ignore this issue.
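The review comment above and the PR body give their version bounds in prose: form-data < 2.5.4, 3.0.0 - 3.0.3 and 4.0.0 - 4.0.3; axios 0.8.1 through 1.5.1 for CVE-2023-45857; follow-redirects prior to 1.14.8 for CVE-2022-0536; semver before 7.5.2; @octokit/plugin-paginate-rest from 1.0.0 and prior to 11.4.1. The following is an added check, not Aikido's tooling and not code from this repository: it walks every installed copy recorded in a package-lock.json, including nested copies such as the axios pinned under @slack/web-api, and reports any version inside those ranges. The sample lockfile is constructed, the helper names are assumptions, and the version comparison deliberately ignores prerelease ordering.

```javascript
// Added example (not Aikido's code, not from the repository): audit a
// package-lock.json against the affected ranges stated on this PR page.
// Helper names and the sample lockfile are assumptions for the example.

// Ranges as given in the PR text. lo is inclusive, hi is exclusive.
const ADVISORIES = [
  { id: "CVE-2025-7783", pkg: "form-data",
    ranges: [["0.0.0", "2.5.4"], ["3.0.0", "3.0.4"], ["4.0.0", "4.0.4"]] },
  { id: "CVE-2023-45857", pkg: "axios", ranges: [["0.8.1", "1.5.2"]] },
  { id: "CVE-2022-0536", pkg: "follow-redirects", ranges: [["0.0.0", "1.14.8"]] },
  { id: "CVE-2022-25883", pkg: "semver", ranges: [["0.0.0", "7.5.2"]] },
  { id: "CVE-2025-25288", pkg: "@octokit/plugin-paginate-rest",
    ranges: [["1.0.0", "11.4.1"]] },
];

// "MAJOR.MINOR.PATCH" as three integers; any -prerelease or +build suffix is
// dropped (assumption: prerelease ordering is not modelled here).
function parseVersion(v) {
  const parts = String(v).split(/[-+]/)[0].split(".").map((p) => Number.parseInt(p, 10));
  if (parts.length !== 3 || parts.some(Number.isNaN)) {
    throw new Error(`unparseable version: ${v}`);
  }
  return parts;
}

function compareVersions(a, b) {
  const [pa, pb] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// lo <= v < hi
function inRange(v, [lo, hi]) {
  return compareVersions(v, lo) >= 0 && compareVersions(v, hi) < 0;
}

// Package name from a lockfile v2/v3 "packages" key: the part after the last
// "node_modules/", which preserves the "@scope/name" form.
function packageNameFromPath(path) {
  const idx = path.lastIndexOf("node_modules/");
  return idx === -1 ? null : path.slice(idx + "node_modules/".length);
}

// Yield every installed copy, nested ones included: a client library can pin
// its own transitive copy under node_modules/<client>/node_modules/<dep>.
function* installedPackages(lock) {
  if (lock.packages) { // lockfileVersion 2 or 3
    for (const [path, meta] of Object.entries(lock.packages)) {
      const name = packageNameFromPath(path);
      if (name && meta.version) yield { path, name, version: meta.version };
    }
  } else if (lock.dependencies) { // lockfileVersion 1: nested tree
    const walk = function* (deps, prefix) {
      for (const [name, meta] of Object.entries(deps)) {
        const path = `${prefix}node_modules/${name}`;
        if (meta.version) yield { path, name, version: meta.version };
        if (meta.dependencies) yield* walk(meta.dependencies, `${path}/`);
      }
    };
    yield* walk(lock.dependencies, "");
  }
}

// Returns one finding per (advisory, installed copy) inside an affected range.
function auditLockfile(lock, advisories = ADVISORIES) {
  const findings = [];
  for (const inst of installedPackages(lock)) {
    for (const adv of advisories) {
      if (adv.pkg === inst.name && adv.ranges.some((r) => inRange(inst.version, r))) {
        findings.push({ id: adv.id, path: inst.path, version: inst.version });
      }
    }
  }
  return findings;
}

// Constructed sample lockfile, not the repository's real package-lock.json.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "sample-action", version: "1.0.0" },
    "node_modules/@slack/web-api": { version: "5.15.0" },
    "node_modules/@slack/web-api/node_modules/axios": { version: "0.19.2" },
    "node_modules/@slack/web-api/node_modules/form-data": { version: "2.5.1" },
    "node_modules/follow-redirects": { version: "1.15.0" },
    "node_modules/semver": { version: "7.5.2" },
  },
};

if (typeof require !== "undefined" && require.main === module) {
  const lock = process.argv[2]
    ? JSON.parse(require("fs").readFileSync(process.argv[2], "utf8"))
    : SAMPLE_LOCK;
  for (const f of auditLockfile(lock)) console.log(`${f.id}\t${f.path}\t${f.version}`);
}
```

Pass the lockfile path as the first argument to audit a real file; with no argument it runs on the constructed sample and reports the nested axios and form-data copies. One caveat the PR body itself supplies: @slack/web-api is bundled into dist/index.js, so a clean lockfile only proves the declared dependency tree. The shipped bundle carries whatever axios and form-data versions were present when dist was last rebuilt, and needs a rebuild plus its own check before the CVEs can be considered closed for consumers of the action.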

aikido-autofix (bot, author) commented May 7, 2026

Closed by Aikido: a new AutoFix has been created → #7

@aikido-autofix aikido-autofix Bot closed this May 7, 2026
@aikido-autofix aikido-autofix Bot deleted the fix/aikido-security-update-packages-29018358-8qj7 branch May 7, 2026 00:24