You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Summary
Medium Severity Vulnerability in http-proxy-middleware via @angular-builders/[email protected]
Objective
Address a vulnerability in http-proxy-middleware by ensuring the dependency chain is updated to a secure version and verifying correct control flow during request body processing.
Background/Context
A vulnerability has been discovered in http-proxy-middleware affecting versions prior to 2.0.8 and 3.0.4. The issue stems from an Always-Incorrect Control Flow Implementation in the fixRequestBody() function. This flaw allows the writeBody function to be called multiple times, which can lead to unexpected behavior during proxy request handling.
Describe the Bug
Summary
Medium Severity Vulnerability in http-proxy-middleware via @angular-builders/[email protected]
Objective
Address a vulnerability in http-proxy-middleware by ensuring the dependency chain is updated to a secure version and verifying correct control flow during request body processing.
Background/Context
A vulnerability has been discovered in http-proxy-middleware affecting versions prior to 2.0.8 and 3.0.4. The issue stems from an Always-Incorrect Control Flow Implementation in the fixRequestBody() function. This flaw allows the writeBody function to be called multiple times, which can lead to unexpected behavior during proxy request handling.
Dependencies:
@angular-builders/[email protected]
Vulnerable transitive dependencies on [email protected] and 2.0.7
Minimal Reproduction
Note: We can only reproduce it when we scan the project using Snyk CLI.
Expected Behavior
There should be no vulnerabilities in Snyk dashboard related to this.
Screenshots
Libs
For Tooling issues:
The text was updated successfully, but these errors were encountered: