Moderate severity · OSV Advisory · Published Dec 10, 2025 · Updated Dec 10, 2025
HTTP/HTTPS Traffic Interception Bypass in mad-proxy
CVE-2025-67485
Description
mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 and below allow attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic. This issue does not have a fix at the time of publication.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| mad-proxy (PyPI) | <= 0.3 | — |
References
- github.com/advisories/GHSA-wx63-35hw-2482 (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-67485 (ghsa, ADVISORY)
- github.com/machphy/mad-proxy/security/advisories/GHSA-wx63-35hw-2482 (ghsa, x_refsource_CONFIRM, WEB)