Vulnerabilidades en chimurai
4 resultadosCVE-2026-55602MEDIUMhttp-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypassEPSS 0.4%CVE-2025-32997MEDIUMIn http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed.EPSS 0.4%CVE-2025-32996MEDIUMIn http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used.EPSS 0.4%CVE-2026-55603HIGHhttp-proxy-middleware: multipart/form-data field injection via unescaped CRLF in `fixRequestBody`EPSS 0.2%