Vulnerability in Hapijs Content

CVE-2026-44974

@hapi/content provided HTTP Content-* headers parsing. Prior to 6.0.2, Content.disposition() retained the last occurrence of each duplicate parameter while Content.type() retained the first occurrence of duplicate charset and boundary para…

Affected products

Weakness classification (CWE)

References