Chimurai

**Name of the Vulnerable Software and Affected Versions** http-proxy-middleware versions 2.0.7 and earlier, http-proxy-middleware versions 3.x before 3.0.4 **Description** The issue arises because `writeBody` can be called twice due to the absence of "else if". This can lead to information disclosure. **Recommendations** For http-proxy-middleware version 2.0.7 and earlier, update to version 2.0.8 or later. For http-proxy-middleware version 3.x before 3.0.4, update to version 3.0.4 or later. As a temporary workaround, consider restricting the use of the `writeBody` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** http-proxy-middleware versions 2.0.9 and earlier, 3.x versions prior to 3.0.5 **Description** The issue arises when `fixRequestBody` proceeds even if `bodyParser` has failed. This can lead to potential security risks. **Recommendations** For versions prior to 2.0.9, update to version 2.0.9 or later. For 3.x versions prior to 3.0.5, update to version 3.0.5 or later. As a temporary workaround, consider disabling the `fixRequestBody` function until a patch is available.