Home / Security updates / Axios Supply Chain Vulnerability
Axios Supply Chain Vulnerability
Security updates detail rendered from /security-updates/upd_1df888230a5a1000.
Overview
| ID | upd_1df888230a5a1000 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Culture Amp |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_1df888230a5a1000 |
| providerId | safebase |
| organizationId | org_6fce154265b5f92c |
| trustCenterId | tc_ab799417e6db075e |
| title | Axios Supply Chain Vulnerability |
| message | At Culture Amp, the security of our platform and the protection of our customers' data are our highest priorities. We are aware of the recent supply chain attack involving Axios (versions 1.14.1 and 0.30.4) and have completed a comprehensive internal review of our systems. **Our Findings**: Following a thorough investigation by our security team, we can confirm the following: * ***No Exposure to Compromised Versions***: While Culture Amp uses Axios within our environment, the specific compromised versions (1.14.1 and 0.30.4) were never present in our development or production environments. * ***Data and Credential Integrity***: Because the affected versions were never deployed to our development or production environments, there was no risk to or impact on our stored credentials, API keys, cloud secrets, or sensitive configuration data. * ***No Indicators of Compromise (IoC)***: We have performed a full review of all known IoCs associated with this supply chain attack. Our monitoring |
| url | - |
| publishedAt | 2026-04-02 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_6fce154265b5f92c",
"name": "Culture Amp",
"domains": [
"security.cultureamp.com",
"cultureamp.com"
]
} |
| trust_center | {
"id": "tc_ab799417e6db075e",
"name": "Culture Amp",
"url": "https://security.cultureamp.com",
"host": "security.cultureamp.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_1df888230a5a1000",
"company": "/v1/companies/org_6fce154265b5f92c",
"trust_center": "/v1/trust-centers/tc_ab799417e6db075e",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_1df888230a5a1000JSON