CVE-2025-32997

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-32997
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-32997.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-32997
Aliases
Related
Published
2025-04-15T03:15:18.363Z
Modified
2026-02-14T07:58:25.942937Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed.

References

Affected packages

Git / github.com/chimurai/http-proxy-middleware

Affected ranges

Type
GIT
Repo
https://github.com/chimurai/http-proxy-middleware
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1bdccbeec243850f1d2bb50ea0ff2151e725d67e
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
617a7c9da9cc90ecc00b0c8b1c2f6a385c879cb1
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d3851ed0075298ea2477d4221809f5875781b66f
Introduced
84bfa46fc7174f46b9f24c1e7a7a1a977f0993f3
Fixed
d3851ed0075298ea2477d4221809f5875781b66f

Affected versions

v3.*
v3.0.0
v3.0.1
v3.0.1-beta.0
v3.0.1-beta.1
v3.0.2
v3.0.3
v3.0.4

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-32997.json"