GHSA-mj6p-3pc9-wf5mHighCVSS 7.5

proxy denial of service vulnerability

Published
May 30, 2023
Last Modified
June 11, 2026

🔗 CVE IDs covered (1)

📋 Description

A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception.

🎯 Affected products1

  • npm/proxy:>= 2.0.0, < 2.1.1

🔗 References (5)