{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-25639","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-02-04T05:15:41.791Z","datePublished":"2026-02-09T20:11:22.374Z","dateUpdated":"2026-07-09T12:09:38.039Z"},"containers":{"cna":{"title":"Axios affected by Denial of Service via __proto__ Key in mergeConfig","problemTypes":[{"descriptions":[{"cweId":"CWE-754","lang":"en","description":"CWE-754: Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"references":[{"name":"https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433","tags":["x_refsource_CONFIRM"],"url":"https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433"},{"name":"https://github.com/axios/axios/pull/7369","tags":["x_refsource_MISC"],"url":"https://github.com/axios/axios/pull/7369"},{"name":"https://github.com/axios/axios/pull/7388","tags":["x_refsource_MISC"],"url":"https://github.com/axios/axios/pull/7388"},{"name":"https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57","tags":["x_refsource_MISC"],"url":"https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"},{"name":"https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e","tags":["x_refsource_MISC"],"url":"https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e"},{"name":"https://github.com/axios/axios/releases/tag/v0.30.3","tags":["x_refsource_MISC"],"url":"https://github.com/axios/axios/releases/tag/v0.30.3"},{"name":"https://github.com/axios/axios/releases/tag/v1.13.5","tags":["x_refsource_MISC"],"url":"https://github.com/axios/axios/releases/tag/v1.13.5"}],"affected":[{"vendor":"axios","product":"axios","versions":[{"version":">= 1.0.0, < 1.13.5","status":"affected"},{"version":"< 0.30.3","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-02-18T17:16:16.391Z"},"descriptions":[{"lang":"en","value":"Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5."}],"source":{"advisory":"GHSA-43fc-jf86-j433","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-02-10T15:39:46.394625Z","id":"CVE-2026-25639","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-10T15:59:44.468Z"}},{"affected":[{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:network_observ_optr:1.11::el9"],"defaultStatus":"affected","product":"Network Observability (NETOBSERV) 1.11.2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:acm:2.12::el9"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Management for Kubernetes 2.12","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:acm:2.13::el9"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Management for Kubernetes 2.13","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:acm:2.14::el9"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:acm:2.15::el9"],"defaultStatus":"affected","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el8"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2.5","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2.6","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhdh:1.8::el9"],"defaultStatus":"affected","product":"Red Hat Developer Hub 1.8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhdh:1.9::el9"],"defaultStatus":"affected","product":"Red Hat Developer Hub 1.9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:discovery:2::el9"],"defaultStatus":"affected","product":"Red Hat Discovery 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhmt:1.8::el8"],"defaultStatus":"affected","product":"Red Hat Migration Toolkit 1.8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai:2.16::el8"],"defaultStatus":"affected","product":"Red Hat OpenShift AI 2.16","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai:2.25::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift AI 2.25","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai:3.3::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift AI 3.3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.19::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.19","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.20::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.20","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.21::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.21","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_devspaces:3.27::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Dev Spaces 3.27","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_pipelines:1.21::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Pipelines 1.21","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:2.6::el8"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 2.6","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3.0::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 3.0","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3.1::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 3.1","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3.2::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Service Mesh 3.2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.10::el8"],"defaultStatus":"affected","product":"Red Hat Quay 3.10","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.12::el8"],"defaultStatus":"affected","product":"Red Hat Quay 3.12","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.15::el8"],"defaultStatus":"affected","product":"Red Hat Quay 3.15","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.16::el9"],"defaultStatus":"affected","product":"Red Hat Quay 3.16","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3.9::el8"],"defaultStatus":"affected","product":"Red Hat Quay 3.9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:satellite:6.18::el9"],"defaultStatus":"affected","product":"Red Hat Satellite 6.18","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:trusted_artifact_signer:1.3::el9"],"defaultStatus":"affected","product":"Red Hat Trusted Artifact Signer 1.3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine:2.10::el9"],"defaultStatus":"affected","product":"multicluster engine for Kubernetes 2.10","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine:2.6::el9"],"defaultStatus":"affected","product":"multicluster engine for Kubernetes 2.6","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine:2.7::el9"],"defaultStatus":"affected","product":"multicluster engine for Kubernetes 2.7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine:2.8::el9"],"defaultStatus":"affected","product":"multicluster engine for Kubernetes 2.8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine:2.9::el9"],"defaultStatus":"affected","product":"multicluster engine for Kubernetes 2.9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:logging:5"],"defaultStatus":"affected","product":"Logging Subsystem for Red Hat OpenShift","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:migration_toolkit_applications:8"],"defaultStatus":"affected","product":"Migration Toolkit for Applications 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_pipelines:1"],"defaultStatus":"affected","product":"OpenShift Pipelines","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"],"defaultStatus":"affected","product":"Red Hat 3scale API Management Platform 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2"],"defaultStatus":"affected","product":"Red Hat Ansible Automation Platform 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_registry:2"],"defaultStatus":"affected","product":"Red Hat build of Apicurio Registry 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:podman_desktop:0"],"defaultStatus":"affected","product":"Red Hat Build of Podman Desktop - Tech Preview","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:enterprise_linux_ai:3"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_fuse:7"],"defaultStatus":"affected","product":"Red Hat Fuse 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:container_native_virtualization:4"],"defaultStatus":"affected","product":"Red Hat OpenShift Virtualization 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:trusted_profile_analyzer:2"],"defaultStatus":"affected","product":"Red Hat Trusted Profile Analyzer","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_portal:2"],"defaultStatus":"affected","product":"Self-service automation portal 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:amq_streams:3"],"defaultStatus":"affected","product":"streams for Apache Kafka 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el10","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"],"defaultStatus":"unaffected","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 10","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:cryostat:4"],"defaultStatus":"unaffected","product":"Cryostat 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:gatekeeper:3"],"defaultStatus":"unaffected","product":"Gatekeeper 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3"],"defaultStatus":"unaffected","product":"OpenShift Service Mesh 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:advanced_cluster_security:4"],"defaultStatus":"unaffected","product":"Red Hat Advanced Cluster Security 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:apache_camel_hawtio:4"],"defaultStatus":"unaffected","product":"Red Hat build of Apache Camel - HawtIO 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:kueue_operator:1"],"defaultStatus":"unaffected","product":"Red Hat Build of Kueue","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_data_grid:8"],"defaultStatus":"unaffected","product":"Red Hat Data Grid 8","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:8"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai"],"defaultStatus":"unaffected","product":"Red Hat OpenShift AI (RHOAI)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_devspaces:3"],"defaultStatus":"unaffected","product":"Red Hat OpenShift Dev Spaces","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"],"defaultStatus":"unaffected","product":"Red Hat Process Automation 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:trusted_artifact_signer:1"],"defaultStatus":"unaffected","product":"Red Hat Trusted Artifact Signer","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:amq_streams:2"],"defaultStatus":"unaffected","product":"streams for Apache Kafka 2","vendor":"Red Hat"}],"datePublic":"2026-02-09T20:11:22.374Z","descriptions":[{"lang":"en","value":"A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1287","description":"Improper Validation of Specified Type of Input","lang":"en","type":"CWE"}]}],"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-25639"},{"name":"RHBZ#2438237","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2438237"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25639.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6277"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6428"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5633"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:8229"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:36882"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13548"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6308"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6309"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6174"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6802"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:2694"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:25041"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5807"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:19712"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:7249"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5142"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5174"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6192"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6170"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3107"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3106"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3105"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3109"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5665"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4942"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6497"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:6567"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5168"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:8499"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:8500"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:8501"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3087"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13542"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:9848"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:5636"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:8218"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:11414"}],"solutions":[{"lang":"en","value":"RHSA-2026:6277: Red Hat Ansible Automation Platform 2.6 for RHEL 9"},{"lang":"en","value":"RHSA-2026:6428: Network Observability (NETOBSERV) 1.11.2"},{"lang":"en","value":"RHSA-2026:5633: Red Hat Advanced Cluster Management for Kubernetes 2.12"},{"lang":"en","value":"RHSA-2026:8229: Red Hat Advanced Cluster Management for Kubernetes 2.13"},{"lang":"en","value":"RHSA-2026:36882: Red Hat Advanced Cluster Management for Kubernetes 2.14"},{"lang":"en","value":"RHSA-2026:13548: Red Hat Advanced Cluster Management for Kubernetes 2.15"},{"lang":"en","value":"RHSA-2026:6308: Red Hat Ansible Automation Platform 2.5"},{"lang":"en","value":"RHSA-2026:6309: Red Hat Ansible Automation Platform 2.6"},{"lang":"en","value":"RHSA-2026:6174: Red Hat Developer Hub 1.8"},{"lang":"en","value":"RHSA-2026:6802: Red Hat Developer Hub 1.9"},{"lang":"en","value":"RHSA-2026:2694: Red Hat Discovery 2"},{"lang":"en","value":"RHSA-2026:25041: Red Hat Migration Toolkit 1.8"},{"lang":"en","value":"RHSA-2026:5807: Red Hat OpenShift AI 2.16"},{"lang":"en","value":"RHSA-2026:10184: Red Hat OpenShift AI 2.25"},{"lang":"en","value":"RHSA-2026:19712: Red Hat OpenShift AI 3.3"},{"lang":"en","value":"RHSA-2026:7249: Red Hat OpenShift Container Platform 4.19"},{"lang":"en","value":"RHSA-2026:5142: Red Hat OpenShift Container Platform 4.20"},{"lang":"en","value":"RHSA-2026:5174: Red Hat OpenShift Container Platform 4.21"},{"lang":"en","value":"RHSA-2026:6192: Red Hat OpenShift Dev Spaces 3.27"},{"lang":"en","value":"RHSA-2026:6170: Red Hat OpenShift Pipelines 1.21"},{"lang":"en","value":"RHSA-2026:3107: Red Hat OpenShift Service Mesh 2.6"},{"lang":"en","value":"RHSA-2026:3106: Red Hat OpenShift Service Mesh 3.0"},{"lang":"en","value":"RHSA-2026:3105: Red Hat OpenShift Service Mesh 3.1"},{"lang":"en","value":"RHSA-2026:3109: Red Hat OpenShift Service Mesh 3.2"},{"lang":"en","value":"RHSA-2026:5665: Red Hat Quay 3.10"},{"lang":"en","value":"RHSA-2026:4942: Red Hat Quay 3.12"},{"lang":"en","value":"RHSA-2026:6568: Red Hat Quay 3.15"},{"lang":"en","value":"RHSA-2026:6497: Red Hat Quay 3.16"},{"lang":"en","value":"RHSA-2026:6567: Red Hat Quay 3.16"},{"lang":"en","value":"RHSA-2026:5168: Red Hat Quay 3.9"},{"lang":"en","value":"RHSA-2026:8499: Red Hat Satellite 6.18"},{"lang":"en","value":"RHSA-2026:8500: Red Hat Satellite 6.18"},{"lang":"en","value":"RHSA-2026:8501: Red Hat Satellite 6.18"},{"lang":"en","value":"RHSA-2026:3087: Red Hat Trusted Artifact Signer 1.3"},{"lang":"en","value":"RHSA-2026:13542: multicluster engine for Kubernetes 2.10"},{"lang":"en","value":"RHSA-2026:9848: multicluster engine for Kubernetes 2.6"},{"lang":"en","value":"RHSA-2026:5636: multicluster engine for Kubernetes 2.7"},{"lang":"en","value":"RHSA-2026:8218: multicluster engine for Kubernetes 2.8"},{"lang":"en","value":"RHSA-2026:11414: multicluster engine for Kubernetes 2.9"}],"timeline":[{"lang":"en","time":"2026-02-09T21:00:49.280Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-02-09T20:11:22.374Z","value":"Made public."}],"title":"axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"},"providerMetadata":{"orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP","dateUpdated":"2026-07-09T12:09:38.039Z"}}]}}