CNNVD-202601-1122 Information

CNNVD ID

CNNVD-202601-1122

Related CVE

CVE-2026-21697

• CNNVD Published: 2026-01-07

Description (Chinese)

axios4go是Rez Moss个人开发者的一个HTTP客户端库。 axios4go 0.6.4之前版本存在竞争条件问题漏洞，该漏洞源于共享HTTP客户端配置存在竞争条件，可能导致并发请求时修改共享属性。

Description (English)

Axios4go is a HTTP client library of Rez Moss personal developers. The previous version of axios4go 0.6.4 had a gap in competition conditions, which stemmed from the competitive conditions of the shared HTTP client configuration, which could lead to changes in the sharing attributes when requested.

Hazard Level

High

Vulnerability Type

竞争条件问题

Affected Vendor

个人开发者

Published

2026-01-07

Last Modified

2026-02-24

References

https://github.com/rezmoss/axios4go/commit/b651604c64e66a115ab90cdab358b0181d74a842 https://github.com/rezmoss/axios4go/releases/tag/v0.6.4 https://github.com/rezmoss/axios4go/security/advisories/GHSA-cmj9-27wj-7x47

Patch

https://github.com/rezmoss/axios4go/releases