Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy project vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-16014
Http-proxy is a proxying library. Because of the way errors are handled in versions prior to 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.
Http-proxy Project Http-proxy
9.8
CVSSv3
CVE-2021-21322
fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user e...
Fastify-http-proxy Project Fastify-http-proxy
9.8
CVSSv3
CVE-2019-10196
A flaw was found in http-proxy-agent, prior to version 2.1.0. It exists http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure throug...
Http-proxy-agent Project Http-proxy-agent
Fedoraproject Fedora 27
Redhat Software Collections -
Redhat Enterprise Linux 7.0
7.5
CVSSv3
CVE-2021-3116
before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py prior to 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or).
Proxy.py Project Proxy.py
NA
CVE-2024-27140
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Archiva. This issue affects Apache Archiva: from 2.0.0. As this project is retired, we do not plan to release a version that fixe...
NA
CVE-2005-1268
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote malicious users to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.