Vulnerability in Hapijs Content
CVE-2026-44974
@hapi/content provided HTTP Content-* headers parsing. Prior to 6.0.2, Content.disposition() retained the last occurrence of each duplicate parameter while Content.type() retained the first occurrence of duplicate charset and boundary para…
Affected products
- Hapijs Content — versions < 6.0.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_CONFIRM)