Home / Security updates / Security Advisory Response - Axios npm Supply Chain Incident
Security Advisory Response - Axios npm Supply Chain Incident
Security updates detail rendered from /security-updates/upd_fe8e5eaddd7b31cc.
Overview
| ID | upd_fe8e5eaddd7b31cc |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Medallia |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_fe8e5eaddd7b31cc |
| providerId | safebase |
| organizationId | org_a0d71251673f1122 |
| trustCenterId | tc_7a213ca8b020827b |
| title | Security Advisory Response - Axios npm Supply Chain Incident |
| message | Medallia is aware of the recently disclosed supply chain attack affecting specific versions of the axios npm package. Following this disclosure, we conducted a comprehensive review across our environment using multiple detection and analysis capabilities, including Software Composition Analysis (SCA), Static Application Security Testing (SAST), container and artifact analysis, network and runtime monitoring. Based on this investigation: - No impacted versions of axios were identified in our production or managed environments - No evidence of malware or secondary payload execution was detected - No indication of unauthorized access or data exposure was found - No active threats related to this campaign are present in our environment At this time, there is no impact to Medallia systems or customer data related to this incident. We will continue to monitor for any emerging indicators associated with this campaign and take appropriate action as needed. |
| url | - |
| publishedAt | 2026-03-31 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_a0d71251673f1122",
"name": "Medallia",
"domains": [
"trust.medallia.com",
"medallia.com"
]
} |
| trust_center | {
"id": "tc_7a213ca8b020827b",
"name": "Medallia",
"url": "https://trust.medallia.com",
"host": "trust.medallia.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_fe8e5eaddd7b31cc",
"company": "/v1/companies/org_a0d71251673f1122",
"trust_center": "/v1/trust-centers/tc_7a213ca8b020827b",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_fe8e5eaddd7b31ccJSON