Vulnerabilities > Https Proxy Agent Project

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2018-3739 Out-of-bounds Read vulnerability in Https-Proxy-Agent Project Https-Proxy-Agent
https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g.
network
low complexity
https-proxy-agent-project CWE-125
critical
9.1