Homepage

hapi@16.0.2 vulnerabilities

HTTP Server framework

  • latest version

    18.1.0

  • first published

    13 years ago

  • latest version published

    6 years ago

  • deprecated

    Package is deprecated

  • licenses detected

  • View hapi package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the hapi package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Denial of Service (DoS)

    hapi is a HTTP Server framework.

    Affected versions of this package are vulnerable to Denial of Service (DoS). The CORS request handler has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. If no unhandled exception handler is available, the application will exist, allowing an attacker to shut down services.

    How to fix Denial of Service (DoS)?

    There is no fixed version for hapi.

    *
    • M
    Denial of Service (DoS)

    hapi is an HTTP Server framework. Affected versions of the package are vulnerable to Denial of Service (DoS). A client can send a malformed accept-encoding header to the server, invoking an uncaught exception and may cause the server to crash or hang for long periods of time.

    How to fix Denial of Service (DoS)?

    Upgrade hapi to version 16.1.1 or higher.

    >=15.0.0 <16.1.1
    Go back to all versions of this package