Homepage
About Snyk

Malicious Package Affecting http-proxy-middelware package, versions *

Severity

 Recommended
0.0
high
0
10

CVSS assessment made by Snyk's Security Team

    Threat Intelligence

    Exploit Maturity
    Mature

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-JS-HTTPPROXYMIDDELWARE-1070025
  • published 3 Feb 2021
  • disclosed 3 Feb 2021
  • credit dabbler0
Report a new vulnerability Found a mistake?

Introduced: 3 Feb 2021

Malicious CVE NOT AVAILABLE CWE-506 Open this link in a new tab

How to fix?

Avoid using all malicious instances of the http-proxy-middelware package.

Overview

http-proxy-middelware is a malicious package. All versions of http-proxy-middelware contain malicious code. The index.js file attempts to download a file from a remote server and execute it. The file is not run upon installation - the package needs to be required or the index.js run manually. The package contains a typo in its code which lead to it not functioning properly. Additionally, the remote file it attempted to download is currently not retrievable anymore but might have been in the past and its contents are unknown.

References

CVSS Scores

version 3.1
Expand this section

Snyk

Recommended
8.8 high
  • Attack Vector (AV)
    Network
  • Attack Complexity (AC)
    Low
  • Privileges Required (PR)
    None
  • User Interaction (UI)
    Required
  • Scope (S)
    Unchanged
  • Confidentiality (C)
    High
  • Integrity (I)
    High
  • Availability (A)
    High