Lucene search
HackeroneCVELIST:CVE-2018-3739HistoryApr 26, 2018 - 12:00 a.m.
CVE-2018-3739
2018-04-2600:00:00
CWE-400
hackerone
www.cve.org
https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the ‘auth’ parameter (e.g. JSON).
CNA Affected
[
{
"product": "https-proxy-agent node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "Versions before 2.1.1"
}
]
}
]References
Related
cve
cve
CVE-2018-3739
2018-06-07 02:29:08
CVE-2018-3736
2018-06-07 02:29:08
redhatcve
redhatcve
CVE-2018-3739
2019-12-25 21:27:53
CVE-2018-3736
2019-12-26 09:41:04
ibm
ibm
osv
osv
CVE-2018-3739
2018-06-07 02:29:08
Denial of Service in https-proxy-agent
2018-07-27 17:04:52
github
github
Denial of Service in https-proxy-agent
2018-07-27 17:04:52
veracode
veracode
Denial Of Service (DoS)
2019-07-10 04:47:11
prion
prion
Design/Logic Flaw
2018-06-07 02:29:00
nvd
nvd
CVE-2018-3739
2018-06-07 02:29:08
CVE-2018-3736
2018-06-07 02:29:08