ReportizFlow
Filtered by vendor Chimurai
Subscriptions
Filtered by product Http-proxy-middleware
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32996 | 2 Chimurai, Redhat | 2 Http-proxy-middleware, Rhdh | 2025-10-21 | 4 Medium |
| In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. | ||||
| CVE-2025-32997 | 2 Chimurai, Redhat | 2 Http-proxy-middleware, Rhdh | 2025-10-21 | 4 Medium |
| In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. | ||||
| CVE-2024-21536 | 2 Chimurai, Redhat | 9 Http-proxy-middleware, Advanced Cluster Security, Discovery and 6 more | 2024-11-01 | 7.5 High |
| Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. An attacker could kill the Node.js process and crash the server by making requests to certain paths. | ||||
Page 1 of 1.