From d9f98c60da1f41a4daffde423eebcc24bb9ce258 Mon Sep 17 00:00:00 2001
From: tonyxrmdavidson <tonyxrmdavidson@yahoo.co.uk>
Date: Wed, 25 Feb 2026 15:48:55 +0000
Subject: [PATCH] OCPBUGS-76579: [release-4.19]CVE-2026-25639
 openshift4/ose-monitoring-plugin-rhel9: Axios affected by Denial of Service
 via __proto__ Key in mergeConfig

---
 web/package-lock.json | 16 ++++++++--------
 web/package.json      |  3 ++-
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index 2c51e9fa2..f0f423ee0 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -9469,13 +9469,13 @@
       "license": "MIT"
     },
     "node_modules/axios": {
-      "version": "1.13.2",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.2.tgz",
-      "integrity": "sha512-VPk9ebNqPcy5lRGuSlKx752IlDatOjT9paPlm8A7yOuW2Fbvp4X3JznJtT4f0GzGLLiWE9W8onz51SqLYwzGaA==",
+      "version": "1.13.5",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz",
+      "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==",
       "license": "MIT",
       "dependencies": {
-        "follow-redirects": "^1.15.6",
-        "form-data": "^4.0.4",
+        "follow-redirects": "^1.15.11",
+        "form-data": "^4.0.5",
         "proxy-from-env": "^1.1.0"
       }
     },
@@ -14046,9 +14046,9 @@
       }
     },
     "node_modules/form-data": {
-      "version": "4.0.4",
-      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz",
-      "integrity": "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==",
+      "version": "4.0.5",
+      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.5.tgz",
+      "integrity": "sha512-8RipRLol37bNs2bhoV67fiTEvdTrbMUYcFTiy3+wuuOnUog2QBHCZWXDRijWQfAkhBj2Uf5UnVaiWwA5vdd82w==",
       "license": "MIT",
       "dependencies": {
         "asynckit": "^0.4.0",
diff --git a/web/package.json b/web/package.json
index e52386194..82c5def2c 100644
--- a/web/package.json
+++ b/web/package.json
@@ -176,7 +176,8 @@
   },
   "overrides": {
     "echarts": "^5.6.0",
-    "qs": "^6.14.1"
+    "qs": "^6.14.1",
+    "axios": "1.13.5"
   },
   "consolePlugin": {
     "name": "monitoring-plugin",