View all vulnerabilities

CVE-2018-3739

Denial of Service in https-proxy-agent

Versions of `https-proxy-agent` before 2.2.0 are vulnerable to denial of service. This is due to unsanitized options (proxy.auth) being passed to `Buffer()`.## RecommendationUpdate to version 2.2.0 or later.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
9.1
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Versions
https-proxy-agent < 2.2.0
Severity
Ecosystem
JavaScript
Publish Date
July 27, 2018
Modified Date
November 7, 2023