hapi@15.0.1 vulnerabilities

HTTP Server framework

Direct Vulnerabilities

Known vulnerabilities in the hapi package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Denial of Service (DoS)

hapi is a HTTP Server framework.

Affected versions of this package are vulnerable to Denial of Service (DoS). The CORS request handler has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. If no unhandled exception handler is available, the application will exist, allowing an attacker to shut down services.

How to fix Denial of Service (DoS)?

There is no fixed version for hapi.

*
  • M
Denial of Service (DoS)

hapi is an HTTP Server framework. Affected versions of the package are vulnerable to Denial of Service (DoS). A client can send a malformed accept-encoding header to the server, invoking an uncaught exception and may cause the server to crash or hang for long periods of time.

How to fix Denial of Service (DoS)?

Upgrade hapi to version 16.1.1 or higher.

>=15.0.0 <16.1.1