Affected versions of http-proxy are vulnerable to a denial of service attack, wherein an attacker can force an error which will cause the server to crash.

Update to version 0.7.0 or later.