Versions of http-proxy prior to 1.18.1 are vulnerable to Denial of Service. An HTTP request with a long body triggers an ERR_HTTP_HEADERS_SENT unhandled exception that crashes the proxy server. This is only possible when the proxy server sets headers in the proxy request using the proxyReq.setHeader function.
For a proxy server running on http://localhost:3000, the following curl request triggers the unhandled exception:

curl -XPOST http://localhost:3000 -d "$(python -c 'print("x"*1025)')"
Upgrade to version 1.18.1 or later.
{ "nvd_published_at": null, "cwe_ids": [ "CWE-184", "CWE-693" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2020-08-31T19:01:05Z" }