3 matches found
CVE-2018-3736
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-3739. Reason: This candidate is a duplicate of CVE-2018-3739. Notes: All CVE users should reference CVE-2018-3739 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usag...
CVE-2018-3739
https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter e.g. JSON...
CVE-2018-3739
CVE-2018-3739 affects the Node.js https-proxy-agent module. The root cause is passing the auth option to the Buffer constructor without proper sanitization, enabling a remote attacker to cause denial of service and memory leak through crafted input in the auth parameter (e.g., JSON). Reported in ...