Lucene search
+L

8 matches found

Chainguard
Chainguard
added 2026/01/07 1:30 a.m.4 views

CVE-2025-32996 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, kubeflow-pipelines...

5.3CVSS4.8AI score0.00442EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/04 2:9 p.m.9 views

Security Bulletin: IBM Edge Data Collector uses http-proxy-middleware - 2.0.7 which is vulnerable to CVE-2025-32996, CVE-2025-32997.

Summary IBM Edge Data Collector uses http-proxy-middleware - 2.0.7 which is vulnerable to CVE-2025-32996, CVE-2025-32997. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-32996 DESCRIPTION: In http-proxy-middleware before 2.0.8 and 3.x before...

5.3CVSS6.7AI score0.00448EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/04 7:13 a.m.13 views

Security Bulletin: IBM Maximo Application Suite uses multiple nodejs and go packages which is vulnerable to " CVE-2025-27152, CVE-2025-32996, CVE-2025-32997, CVE-2025-22871"

Summary IBM Maximo Application Suite uses " axios, http-proxy-middleware and net/http package " which is vulnerable to "CVE-2025-27152, CVE-2025-32996, CVE-2025-32997, CVE-2025-22871". This bulletin contains information regarding the vulnerability and how to address it. Vulnerability Details...

9.1CVSS6.7AI score0.00778EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/15 5:36 a.m.15 views

CVE-2025-32996

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...

4CVSS4.2AI score0.00442EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2025/04/15 3:30 a.m.8 views

7qb-cli (=0.0.16), 8-divine (=1.4.0) +2609 more potentially affected by CVE-2025-32996 via http-proxy-middleware (>=1.3.0 <=2.0.7)

http-proxy-middleware NPM version =1.3.0, =0.0.6, =0.1.10, =0.2.14, =1.6.0, =1.7.0, =0.0.39, =7.0.0, =7.0.0, =1.0.0, =5.0.0, =1.3.0, =3.0.0-beta.7 and more Source cves: CVE-2025-32996 Source advisory: OSV:GHSA-4WWW-5P9H-95MH...

5.3CVSS5.7AI score0.00442EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/04/15 3:30 a.m.16 views

@amazeelabs/publisher (>=2.4.28 <=3.2.6), @appliedblockchain/silentdatarollup-custom-rpc (>=1.0.0 <=1.0.1) +26 more potentially affected by CVE-2025-32996 via http-proxy-middleware (>=3.0.0 <=3.0.3)

http-proxy-middleware NPM version =3.0.0, =2.4.28, =1.0.0, =2.1.0-next.0, =2.1.0-next.0, =9.0.0, =9.0.0, =9.0.0, =1.1.0, =19.0.0-alpha.0, =0.0.24, =0.0.1, =8.0.0, =0.391.0, =0.1.55, =3.9.5-beta.0, =3.50.0-beta.2 and more Source cves: CVE-2025-32996 Source advisory: OSV:GHSA-4WWW-5P9H-95MH...

5.3CVSS5.7AI score0.00442EPSS
Exploits0
NVD
NVD
added 2025/04/15 3:15 a.m.17 views

CVE-2025-32996

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used...

5.3CVSS0.00442EPSS
Exploits0References4
CVE
CVE
added 2025/04/15 12:0 a.m.140 views

CVE-2025-32996

CVE-2025-32996 affects the http-proxy-middleware project where, in versions before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because an else-if is missing. This is the underlying root cause and is reflected in related IBM and IBM X-Force bulletins that cite the same description. T...

5.3CVSS7.2AI score0.00442EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder