npm / http-proxy-middleware

http-proxy-middleware can call writeBody twice because "else if" is not used

Modified: 2/4/2026

http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass

Modified: 6/18/2026

http-proxy-middleware allows fixRequestBody to proceed even if bodyParser has failed

Modified: 2/4/2026

Denial of service in http-proxy-middleware

Modified: 2/4/2026

http-proxy-middleware: multipart/form-data field injection via unescaped CRLF in `fixRequestBody`

Modified: 6/18/2026