Improper input validation in Chimurai Http-proxy-middleware
CVE-2026-55602
http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses una…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
Affected products
- Chimurai Http-proxy-middleware — versions >= 4.0.0, < 4.1.0, >= 3.0.0, < 3.0.6, >= 0.16.0, < 2.0.10
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)