CVE-2018-3739

Denial of Service in https-proxy-agent

Description

Versions of https-proxy-agent before 2.2.0 are vulnerable to denial of service. This is due to unsanitized options (proxy.auth) being passed to Buffer().

Recommendation

Update to version 2.2.0 or later.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

July 27, 2018

Modified Date

November 7, 2023

Score Vector

Affected Versions