Versions of hawk
prior to 3.1.3, or 4.x prior to 4.1.1 are affected by a regular expression denial of service vulnerability related to excessively long headers and URI’s.
Update to hawk version 4.1.1 or later.
CPE | Name | Operator | Version |
---|---|---|---|
hawk | lt | 3.1.3 || >= 4.0.0 <4.1.1 |