Описание
Insufficient Error Handling in http-proxy
Affected versions of http-proxy are vulnerable to a denial of service attack, wherein an attacker can force an error which will cause the server to crash.
Recommendation
Update to version 0.7.0 or later.
Пакеты
Наименование
http-proxy
npm
Затронутые версииВерсия исправления
<= 0.6.6
0.7.0
Связанные уязвимости
CVSS3: 7.5
redhat
почти 9 лет назад
Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.
CVSS3: 7.5
nvd
больше 7 лет назад
Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.
CVSS3: 7.5
debian
больше 7 лет назад
Http-proxy is a proxying library. Because of the way errors are handle ...