Chimurai Http-proxy-middleware
5 CVEs affecting Chimurai Http-proxy-middleware. Latest disclosed: 2026-06-22. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-55603 | High | 7.5 | 2026-06-22 | http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 until 3.0.7 and 4.1.1, fixRequestBody() is the library's documented helper for re-emitting a… |
CVE-2024-21536 | High | 7.5 | 2024-10-19 | Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRej… |
CVE-2025-32997 | Medium | 4.0 | 2025-04-15 | In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. |
CVE-2025-32996 | Medium | 4.0 | 2025-04-15 | In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. |
CVE-2026-55602 | | 2026-06-22 | http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries… |