GMS-2019-30: Denial of Service in http-proxy-agent

June 11, 2019 (updated August 31, 2020)

Versions of http-proxy-agent are vulnerable to denial of service and uninitialized memory leak when unsanitized options are passed to Buffer. ## Recommendation

Update to or later.

References

github.com/TooTallNate/node-http-proxy-agent/blob/2.0.0/index.js
github.com/advisories/GHSA-8w57-jfpm-945m
hackerone.com/reports/321631
nodesecurity.io/advisories/607
www.npmjs.com/advisories/607

Code Behaviors & Features

Detect and mitigate GMS-2019-30 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →