8 matches found
CVE-2025-32996 vulnerabilities
Vulnerabilities for packages: kubeflow-katib, kubeflow-pipelines...
Security Bulletin: IBM Edge Data Collector uses http-proxy-middleware - 2.0.7 which is vulnerable to CVE-2025-32996, CVE-2025-32997.
Summary IBM Edge Data Collector uses http-proxy-middleware - 2.0.7 which is vulnerable to CVE-2025-32996, CVE-2025-32997. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-32996 DESCRIPTION: In http-proxy-middleware before 2.0.8 and 3.x before...
Security Bulletin: IBM Maximo Application Suite uses multiple nodejs and go packages which is vulnerable to " CVE-2025-27152, CVE-2025-32996, CVE-2025-32997, CVE-2025-22871"
Summary IBM Maximo Application Suite uses " axios, http-proxy-middleware and net/http package " which is vulnerable to "CVE-2025-27152, CVE-2025-32996, CVE-2025-32997, CVE-2025-22871". This bulletin contains information regarding the vulnerability and how to address it. Vulnerability Details...
CVE-2025-32996
In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...
7qb-cli (=0.0.16), 8-divine (=1.4.0) +2609 more potentially affected by CVE-2025-32996 via http-proxy-middleware (>=1.3.0 <=2.0.7)
http-proxy-middleware NPM version =1.3.0, =0.0.6, =0.1.10, =0.2.14, =1.6.0, =1.7.0, =0.0.39, =7.0.0, =7.0.0, =1.0.0, =5.0.0, =1.3.0, =3.0.0-beta.7 and more Source cves: CVE-2025-32996 Source advisory: OSV:GHSA-4WWW-5P9H-95MH...
@amazeelabs/publisher (>=2.4.28 <=3.2.6), @appliedblockchain/silentdatarollup-custom-rpc (>=1.0.0 <=1.0.1) +26 more potentially affected by CVE-2025-32996 via http-proxy-middleware (>=3.0.0 <=3.0.3)
http-proxy-middleware NPM version =3.0.0, =2.4.28, =1.0.0, =2.1.0-next.0, =2.1.0-next.0, =9.0.0, =9.0.0, =9.0.0, =1.1.0, =19.0.0-alpha.0, =0.0.24, =0.0.1, =8.0.0, =0.391.0, =0.1.55, =3.9.5-beta.0, =3.50.0-beta.2 and more Source cves: CVE-2025-32996 Source advisory: OSV:GHSA-4WWW-5P9H-95MH...
CVE-2025-32996
In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used...
CVE-2025-32996
CVE-2025-32996 affects the http-proxy-middleware project where, in versions before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because an else-if is missing. This is the underlying root cause and is reflected in related IBM and IBM X-Force bulletins that cite the same description. T...