Description

https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g. JSON).

Remediation

References

https://hackerone.com/reports/319532

Related Vulnerabilities

CVE-2020-7662 Vulnerability in npm package websocket-extensions

CVE-2022-22984 Vulnerability in npm package snyk-gradle-plugin

CVE-2022-25858 Vulnerability in maven package org.webjars.npm:terser

CVE-2021-23344 Vulnerability in npm package total.js

CVE-2020-8141 Vulnerability in maven package org.webjars.npm:dot

Severity

Critical

Classification

CWE-125 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Tags

Exploit Third Party Advisory