Denial of Service in http-proxy-agent

Published: Jun 11, 2019
Updated: Apr 14, 2023
GHSA: <a href="https://github.com/advisories/GHSA-8w57-jfpm-945m" target="_blank" rel="noopener"> GHSA-8w57-jfpm-945m
Severity: High
Exploit:

Versions of http-proxy-agent before 2.1.0 are vulnerable to denial of service and uninitialized memory leak when unsanitized options are passed to Buffer. An attacker may leverage these unsanitized options to consume system resources.