Hackerone Hapi Node Module

4 CVEs affecting Hackerone Hapi Node Module. Latest disclosed: 2018-06-04. Critical: 0, High: 2.

Top CVEs affecting Hackerone Hapi Node Module
CVESeverityScorePublishedSummary
CVE-2017-16013High7.52018-06-04hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown…
CVE-2015-9241High7.52018-05-29Certain input passed into the If-Modified-Since or Last-Modified headers will cause an 'illegal access' exception to be raised. Instead of sending a HTTP 500 e…
CVE-2015-9243Medium5.92018-05-29When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher level config included s…
CVE-2015-9236Medium5.32018-05-31Hapi versions less than 11.0.0 implement CORS incorrectly and allowed for configurations that at best returned inconsistent headers and at worst allowed cross-…