npm vulnerability intelligence

http-proxy-agent NPM Package
Vulnerability Check

An HTTP(s) proxy `http.Agent` implementation for HTTP

High severity MIT v9.1.0
Vulnerability Analysis OSV Live

http-proxy-agent

v9.1.0 · MIT · 142,293,848 dl/wk

Advisory Breakdown

Critical 0
High 1
Moderate 1
Low 0

Severity Rating

High severity

2 advisories

High severity

Weekly downloads

142,293,848

Total advisories

2

Latest version

9.1.0

License

MIT

Advisories Package Info Runtime

Known advisories

OSV records for the npm ecosystem

2
GHSA-86wf-436m-h424 CVE-2019-10196 moderate

Resource Exhaustion Denial of Service in http-proxy-agent

Affected: >=0 <2.1.0 Fixed in: 2.1.0 Updated Nov 8, 2023
View source
GHSA-8w57-jfpm-945m high

Denial of Service in http-proxy-agent

Affected: >=0 <2.1.0 Fixed in: 2.1.0 Updated Apr 11, 2023
View source

Checked Jun 27, 2026, 2:39 PM from npm and OSV.dev

Package metadata

From the npm registry

Package name
http-proxy-agent
Ecosystem
npm
Latest version
9.1.0
License
MIT
Weekly downloads
142,293,848
Repository
Open repository

Remediation boundary

What RequestGuard does — and doesn't — cover

RequestGuard does not fix npm package vulnerabilities. Dependency remediation happens through package updates, patches, lockfile changes, and maintainer guidance. RequestGuard can help mitigate runtime abuse around exposed web and API flows while remediation is handled separately.

Signup flows
Login attempts
API traffic

Protect runtime flows →

Allow, challenge, review, and block decisions for exposed endpoints.

Data from npm registry and OSV.dev · Checked 6/27/2026, 2:39:38 PM