Http Proxy Middleware

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-32997 npm MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Redhat

NVD GitHub

CVSS 3.1

4.0

EPSS

0.1%

CVE-2025-32996 npm MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Redhat

NVD GitHub

CVSS 3.1

4.0

EPSS

0.2%

CVE-2025-32997 npm

EPSS 0% CVSS 4.0

MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Redhat

NVD GitHub

CVE-2025-32996 npm

EPSS 0% CVSS 4.0

MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Redhat

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy