Vulnerability Details CVE-2017-16014
Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2017-16014
-
cpe:2.3:a:http-proxy_project:http-proxy:0.5.10
-
cpe:2.3:a:http-proxy_project:http-proxy:0.5.11
-
cpe:2.3:a:http-proxy_project:http-proxy:0.5.9
-
cpe:2.3:a:http-proxy_project:http-proxy:0.6.0
-
cpe:2.3:a:http-proxy_project:http-proxy:0.6.1
-
cpe:2.3:a:http-proxy_project:http-proxy:0.6.2
-
cpe:2.3:a:http-proxy_project:http-proxy:0.6.4
-
cpe:2.3:a:http-proxy_project:http-proxy:0.6.5
-
cpe:2.3:a:http-proxy_project:http-proxy:0.6.6