[Aikido] Fix 30 critical issues in form-data, @actions/github, @slack/web-api and 4 more #8

Open

aikido-autofix[bot] wants to merge 1 commit into main from fix/aikido-security-update-packages-32600098-si5z

[Aikido] Fix 30 critical issues in form-data, @actions/github, @slack/web-api and 4 more#8
aikido-autofix[bot] wants to merge 1 commit into
mainfrom
fix/aikido-security-update-packages-32600098-si5z

Conversation

@aikido-autofix [bot] commented May 10, 2026

Upgrade dependencies to fix critical SSRF/proxy bypass vulnerabilities in Axios, HTTP Parameter Pollution in form-data, and RCE risks in other packages. This update includes breaking changes that require manual migration.

⚠️ Incomplete breaking changes analysis (3/7 analyzed)

⚠️ Breaking changes analysis not available for: form-data, @actions/github, @slack/web-api, @babel/traverse

## axios (0.19.2 => 0.32.0)

Breaking Change: Null-prototype merged objects

Where your code is affected:

  • dist/index.js (line with delete this.axios.defaults.headers.post['Content-Type']) - The @slack/web-api package accesses this.axios.defaults.headers.post['Content-Type'] directly

  • dist/index.js (multiple locations) - Direct bracket notation access to headers objects: headers['Content-Type'], headers[header]

  • dist/index.js (form data handling) - Loop using for (const [header, value] of Object.entries(form.getHeaders())) followed by headers[header] = value

Impact:

In axios 0.32.0, merged config and header objects now have a null prototype to prevent prototype pollution. The code uses direct property access via bracket notation (e.g., headers['Content-Type'], this.axios.defaults.headers.post['Content-Type']) without using Object.prototype.hasOwnProperty.call(). While bracket notation access still works, any implicit string coercion or prototype method calls on these objects will fail since they no longer inherit from Object.prototype.

Remediation:

Update the @slack/web-api package to a version compatible with axios 0.32.0, or ensure all header/config object access uses Object.prototype.hasOwnProperty.call(obj, key) instead of relying on inherited prototype methods. Avoid any implicit string coercion of header or config objects.

All breaking changes by upgrading axios from version 0.19.2 to 0.32.0 (CHANGELOG)

| Version | Description |
|---|---|
| 0.23.0 | Distinguish request and response data types |
| 0.23.0 | Change never type to unknown |
| 0.23.0 | Fixed TransitionalOptions typings |
| 0.24.0 | Revert: change type of AxiosResponse to any |
| 0.25.0 | Fixing maxBodyLength enforcement |
| 0.25.0 | Don't rely on strict mode behaviour for arguments |
| 0.25.0 | Adding error handling when missing url |
| 0.25.0 | Update isAbsoluteURL.js removing escaping of non-special characters |
| 0.25.0 | Use native Array.isArray() in utils.js |
| 0.25.0 | Adding error handling inside stream end callback |
| 0.27.0 | New toFormData helper function that allows the implementor to pass an object and allow axios to convert it to FormData |
| 0.27.0 | Removed functionality that removed the Content-Type request header when passing FormData |
| 0.27.0 | Refactored error handling implementing AxiosError as a constructor |
| 0.27.0 | Separated responsibility for FormData instantiation between transformRequest and toFormData |
| 0.27.0 | Improved and fixed multiple issues with FormData support |
| 0.32.0 | Null-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. |

✅ 30 CVEs resolved by this upgrade, including 3 critical 🚨 CVEs

This PR will resolve the following CVEs:

| Issue | Severity | Description |
|---|---|---|
| CVE-2026-42043 | 🚨 CRITICAL | [axios] An attacker who can influence the target URL can bypass NO_PROXY protection by using any address in the 127.0.0.0/8 range (except 127.0.0.1), allowing requests to reach unintended destinations. This enables potential information disclosure or unauthorized access to local services. |
| CVE-2025-62718 | 🚨 CRITICAL | [axios] Improper hostname normalization in NO_PROXY rule checking allows requests to loopback addresses (localhost., [::1]) to bypass proxy protections, enabling proxy bypass and potential SSRF attacks against internal services. This vulnerability permits attackers to reach sensitive services despite configured NO_PROXY protections. |
| AIKIDO-2026-10741 | HIGH | [axios] An HTTP client vulnerability allows prototype pollution through loose object merging, sensitive data exposure via error serialization, and improper proxy/socket handling that could lead to information disclosure or unauthorized access. |
| CVE-2026-40175 | HIGH | [axios] A prototype pollution vulnerability in Axios can be exploited through gadget chains to escalate into Remote Code Execution (RCE) or bypass AWS IMDSv2 for cloud compromise. This affects any third-party dependencies using the library. |
| CVE-2026-25639 | HIGH | [axios] The mergeConfig function crashes with a TypeError when processing configuration objects containing `__proto__` as an own property, allowing attackers to trigger denial of service. An attacker can exploit this by providing a malicious configuration object created via JSON.parse(). |
| CVE-2026-42038 | HIGH | [axios] Incomplete hostname normalization in no_proxy bypass allows requests to IP loopback addresses (127.0.0.1, [::1]) to route through proxy when no_proxy=localhost is set, enabling proxy bypass circumvention. This occurs due to pure string matching without IP alias resolution. |
| CVE-2026-42039 | HIGH | [axios] A deeply nested object passed as request data causes the toFormData function to recursively walk without depth limits, crashing the Node.js process with a RangeError (Denial of Service). This vulnerability allows attackers to trigger application crashes through maliciously crafted nested payloads. |
| CVE-2026-42033 | HIGH | [axios] A prototype pollution vulnerability allows attackers to intercept and modify JSON responses or hijack HTTP transport to access credentials and headers. This requires prior prototype pollution from a co-dependency but enables complete request/response manipulation. |
| CVE-2026-42035 | HIGH | [axios] A prototype pollution gadget in the HTTP adapter allows attackers to inject arbitrary HTTP headers into outgoing requests by polluting Object.prototype with specific properties. This enables header injection attacks that could lead to request manipulation and potential security bypasses. |
| CVE-2023-45857 | MEDIUM | [axios] An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information. |
| CVE-2026-42041 | MEDIUM | [axios] A Prototype Pollution vulnerability allows attackers to suppress HTTP error responses by polluting Object.prototype.validateStatus, causing all status codes to be treated as successful and bypassing authentication and error handling. |
| AIKIDO-2025-10185 | MEDIUM | [axios] A server-side request forgery (SSRF) vulnerability exists due to allowAbsoluteUrls not being set to false by default in buildFullPath(), allowing attackers to bypass URL restrictions and process unintended URLs. |
| CVE-2020-28168 | MEDIUM | [axios] NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. |
| CVE-2025-27152 | MEDIUM | [axios] Axios sends requests to absolute URLs even when baseURL is configured, bypassing intended routing and potentially causing Server-Side Request Forgery (SSRF) and credential leakage in both server and client environments. |
| CVE-2026-42042 | MEDIUM | [axios] Uses truthy/falsy semantics instead of strict boolean comparison for XSRF token protection, allowing attackers to bypass same-origin checks via prototype pollution or misconfiguration and steal XSRF tokens sent to cross-origin servers. This enables CSRF attacks against protected endpoints. |
| CVE-2026-42034 | MEDIUM | [axios] A vulnerability allows attackers to bypass the maxBodyLength restriction on stream request bodies when maxRedirects is set to 0, enabling oversized uploads to be sent despite strict body limits. This could lead to denial of service or resource exhaustion attacks. |
| CVE-2026-42036 | MEDIUM | [axios] When responseType is set to 'stream', the library fails to enforce maxContentLength limits, allowing attackers to bypass response-size restrictions and cause denial of service through unbounded data consumption. |
| AIKIDO-2026-10509 | MEDIUM | [axios] Prototype pollution vulnerability allows attackers to inject malicious headers into requests through unsafe FormData detection and header merging, potentially enabling authorization bypass or request manipulation. |
| CVE-2021-3749 | LOW | [axios] is vulnerable to Inefficient Regular Expression Complexity |
| AIKIDO-2023-10001 | LOW | [axios] Prototype pollution vulnerability in the formDataToJSON function allows attackers to manipulate object properties. Additionally, a ReDoS vulnerability in combineURLs can cause denial of service through malicious input. |
| CVE-2026-42040 | LOW | [axios] A character mapping in the encode() function incorrectly reverses percent-encoding of null bytes, converting %00 back to raw null bytes and potentially enabling injection attacks in certain contexts. The vulnerability has limited impact as standard axios request flows are unaffected. |
| CVE-2025-7783 | 🚨 CRITICAL | [form-data] Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3. |
| CVE-2020-8203 | HIGH | [lodash.set] Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. |
| GHSA-r4q5-vmmm-2653 | MEDIUM | [follow-redirects] Custom authentication headers (e.g., X-API-Key, X-Auth-Token) are leaked to redirect targets on cross-domain redirects because only standard headers are stripped. This enables attackers to capture sensitive credentials through malicious redirects. |
| CVE-2024-28849 | MEDIUM | [follow-redirects] Authorization credentials in the proxy-authentication header are leaked during cross-domain redirects because the header is not cleared like the authorization header. This allows attackers to obtain sensitive proxy credentials. |
| CVE-2023-26159 | MEDIUM | [follow-redirects] Improper URL parsing allows attackers to manipulate hostname interpretation, enabling traffic redirection to malicious sites for phishing, information disclosure, or other attacks. |
| CVE-2022-0536 | MEDIUM | [follow-redirects] Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8. |
| AIKIDO-2025-10745 | MEDIUM | [@babel/traverse] A vulnerability allows remote code execution during compilation when processing malicious input with certain plugins that use internal evaluation methods. This affects plugins like @babel/plugin-transform-runtime and @babel/preset-env with useBuiltIns option. |
| CVE-2024-21538 | LOW | [cross-spawn] A Regular Expression Denial of Service (ReDoS) vulnerability exists due to improper input sanitization, allowing attackers to craft malicious strings that cause excessive CPU usage and program crashes. This vulnerability enables denial of service attacks through crafted input. |
| CVE-2022-25883 | LOW | [semver] Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. |
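The null-prototype breaking change described in the comment above, as an added example that is not code from axios, @slack/web-api or this PR: it reproduces the kind of header object axios 0.32.0 returns from merging and probes the access patterns the analysis flags. mergeHeaders is a hypothetical stand-in for axios's internal merge, and the header values are constructed samples.

```javascript
// Added example (not code from axios, @slack/web-api or this PR): reproduces the
// null-prototype header objects axios 0.32.0 returns from merging and probes the
// access patterns the breaking-change note flags. mergeHeaders is a hypothetical
// stand-in for axios's internal merge; the header values are constructed samples.

// Merge header sources into a null-prototype object, so nothing a prototype-
// pollution gadget sets on Object.prototype can show up as a header.
function mergeHeaders(...sources) {
  const out = Object.create(null);
  for (const src of sources) {
    for (const [name, value] of Object.entries(src)) out[name] = value;
  }
  return out;
}

// Own-property check that does not rely on the object inheriting hasOwnProperty.
function hasHeader(headers, name) {
  return Object.prototype.hasOwnProperty.call(headers, name);
}
// Exercises what changes under 0.32.0; returns plain booleans for easy checking.
function probeNullProtoHeaders() {
  const defaults = { 'Content-Type': 'application/json' };
  const formHeaders = { 'content-type': 'multipart/form-data; boundary=abc123' };
  const headers = mergeHeaders(defaults, formHeaders);
  // Calling an inherited method on the merged object is now a TypeError.
  let inheritedCallThrows = false;
  try { headers.hasOwnProperty('Content-Type'); } catch (e) { inheritedCallThrows = e instanceof TypeError; }
  // Implicit string coercion (String(h), `${h}`, 'x' + h) is now a TypeError too.
  let coercionThrows = false;
  try { String(headers); } catch (e) { coercionThrows = e instanceof TypeError; }
  // Simulate a polluted prototype and confirm it reaches a plain copy but not the merged object.
  const plain = { ...headers };
  Object.defineProperty(Object.prototype, 'X-Injected', { value: 'polluted', configurable: true });
  let leakedIntoPlain, leakedIntoMerged;
  try {
    leakedIntoPlain = 'X-Injected' in plain;      // true: inherited from Object.prototype
    leakedIntoMerged = 'X-Injected' in headers;   // false: null prototype blocks it
  } finally {
    delete Object.prototype['X-Injected'];        // always undo the simulated pollution
  }
  // Bracket-notation access and delete, as used in dist/index.js, keep working.
  delete headers['Content-Type'];
  return {
    isNullProto: Object.getPrototypeOf(headers) === null,
    inheritedCallThrows, coercionThrows, leakedIntoPlain, leakedIntoMerged,
    bracketAccessWorks: headers['content-type'] === formHeaders['content-type'],
    contentTypeRemoved: !hasHeader(headers, 'Content-Type'),
  };
}
```

Running probeNullProtoHeaders() shows that bracket access and the Object.entries loop keep working, while inherited method calls and string coercion are the two patterns to audit before taking the upgrade.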

Comment thread package-lock.json

CVE-2025-25288 in @octokit/plugin-paginate-rest - low severity
@octokit/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and prior to 11.4.1 of the npm package @octokit/plugin-paginate-rest, when calling octokit.paginate.iterator(), a specially crafted octokit instance—particularly with a malicious link parameter in the headers section of the request—can trigger a ReDoS attack. Version 11.4.1 contains a fix for the issue.

Remediation: Aikido suggests bumping this package to version 9.2.2 to resolve this issue.
