http-proxy-middleware
http-proxy-middleware copied to clipboard
micromatch vulnerable at v4.0.5
Describe the feature you'd love to see
https://github.com/chimurai/http-proxy-middleware/blob/master/package.json#L93
micromatch
is vulnerable at v4.0.5 as per https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4067. To me, it doesn't look like they are going to cut a new release -- their last commit was in 2019.
So this is a feature request to move to a different matching package -- one that is maintained more regularly or at least isn't vulnerable to this CVE.
Additional context (optional)
No response