Security vulnerability affects the configurable-http-proxy package. This issue is resolved in later releases. See references for vulnerability details.