All vulnerabilities

CVE-2018-3739

Denial of Service in https-proxy-agent

Description

Versions of https-proxy-agent before 2.2.0 are vulnerable to denial of service. This is due to unsanitized options (proxy.auth) being passed to Buffer().

Recommendation

Update to version 2.2.0 or later.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Score
9.1
Severity
Critical
Ecosystem
JavaScript
Publish Date
July 27, 2018
Modified Date
February 3, 2026
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Versions