## Microsoft Agents-Hosting Package Exposes Critical Axios SSRF, Header Injection Vulnerabilities
A critical exposure is currently shipping in one of Microsoft's AI agent packages. `@microsoft/agents-hosting`, a core component for hosting AI agents, depends on outdated, vulnerable versions of the `axios` and `follow-redirects` libraries. Dependabot alerts raised in a GitHub issue flag three open vulnerabilities, two of them rated **Critical**, in dependencies that every application using the package pulls in transitively.

The dependency chain is straightforward: `@microsoft/agents-hosting@1.4.2` depends on `axios@1.14.0`, which in turn depends on `follow-redirects@1.15.11`. The two critical `axios` vulnerabilities (listed in the alerts as CVE-2024-00000 and CVE-2024-00001) enable Server-Side Request Forgery (SSRF) and, through header injection, exfiltration of cloud instance metadata. The medium-severity `follow-redirects` flaw can leak custom authentication headers to a different host when a request is redirected across domains. Patched versions exist (`axios >= 1.15.0`, `follow-redirects >= 1.16.0`), but no release of `@microsoft/agents-hosting` yet requires them, so a fresh install still resolves the vulnerable versions.

This creates immediate pressure on any development team or enterprise relying on `@microsoft/agents-hosting` for AI agent deployments. The risk does not come from a dependency the team chose directly but from a transitive dependency inherited from a trusted Microsoft source, which is exactly the case that a review of `package.json` alone misses. Teams must now audit their resolved dependency trees (`npm ls axios follow-redirects` shows which installed copies resolve to which versions and through which parents), wait for or request a patched package release from Microsoft, or force the fixed versions with a package-manager override (`overrides` in npm and pnpm, `resolutions` in Yarn). The override route closes the alert immediately but runs the Microsoft package against an `axios` version it was not released with, which is the operational friction and potential instability that makes it a stopgap rather than a fix.
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: vulnerability, supply-chain, microsoft, axios, ssrf
- **Credibility**: unverified
- **Published**: 2026-04-14 13:22:49
- **ID**: 63813
- **URL**: https://whisperx.ai/en/intel/63813