Hapi@* Security Vulnerabilities and Issues — Hapi@* CVE List

HapijsHapi*

3 matches found

CVE•added 2018/05/31 8:0 p.m.•60 views

CVE-2015-9236

CVE-2015-9236 concerns Hapi (Node.js framework) versions

5.3CVSS5.2AI score0.0154EPSS

CVE•added 2018/05/29 8:0 p.m.•53 views

CVE-2015-9241

Affected software: hapi node module (Node.js) prior to version 11.1.3. Root cause: certain inputs in If-Modified-Since or Last-Modified headers cause an 'illegal access' exception, leading hapi to keep the socket open instead of returning HTTP 500, effectively a denial of service. Impact: potenti...

7.5CVSS7.5AI score0.02135EPSS

CVE•added 2018/05/29 8:0 p.m.•52 views

CVE-2015-9243

CVE-2015-9243 affects the hapi Node.js framework prior to version 11.1.4, where merging server/connection/route-level CORS configurations could cause security restrictions (e.g., origin) to be overridden by less restrictive defaults (origin → *). This confluence creates weaker CORS controls than ...

5.9CVSS5.6AI score0.01039EPSS