EPSS
Percentile
79.7%
Versions of https-proxy-agent before 2.2.0 are vulnerable to denial of service. This is due to unsanitized options (proxy.auth) being passed to Buffer().
https-proxy-agent
Buffer()
Update to version 2.2.0 or later.
github.com/advisories/GHSA-8g7p-74h8-hg48
github.com/TooTallNate/node-https-proxy-agent
github.com/TooTallNate/node-https-proxy-agent/commit/1c24219df87524e6ed973127e81f30801d658f07
hackerone.com/reports/319532
nvd.nist.gov/vuln/detail/CVE-2018-3736
www.npmjs.com/advisories/593