Skip to content
/ vue-http-proxy-vulnerability-1486 Public

Reproduction Repo for npm security vulnerability 1486 in @vue/cli-service > webpack-dev-server > http-proxy-middleware > http-proxy

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

itsalaidbacklife/vue-http-proxy-vulnerability-1486

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
public
public
 
 
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
babel.config.js
babel.config.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

vue-http-proxy-vulnerability-1486

Issue Reproduction

Clone repo and run

npm audit

Details

See npm issue 1486

Denial of Service vulnerability in @vue/cli-service > webpack-dev-server > http-proxy-middleware > http-proxy

"All versions of http-proxy are vulnerable to Denial of Service. An HTTP request with a long body triggers an ERR_HTTP_HEADERS_SENT unhandled exception that crashes the proxy server. This is only possible when the proxy server sets headers in the proxy request using the proxyReq.setHeader function."

"No fix is currently available. Consider using an alternative package until a fix is made available."

About

Reproduction Repo for npm security vulnerability 1486 in @vue/cli-service > webpack-dev-server > http-proxy-middleware > http-proxy

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages