/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
- A security audit has reported the CVE-2024-27980 and CVE-2026-40175 vulnerabilities in PD Web related to the bundled Axios dependency.
- These vulnerabilities are associated with SSRF-related issues and potential proxy bypass behavior in affected Axios versions.
Read more...
Environment
- SAP PowerDesigner (PD) Web 16.7
- Axios version earlier than 1.15.x
Product
SAP PowerDesigner 16.7
Keywords
powerdesigner, cmr, portal, web, node, node.js, nodejs, axios, cve-2025-62718, cve-2026-40175, vulnerability , KBA , BC-SYB-PD , PowerDesigner , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)