CVE-2017-16013

Summary

hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed accept-encoding header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached.

Affected Software

VendorProductVersion RangeStatus
HackerOnehapi node module>= 15.0.0 <= 16.1.0affected

Weaknesses

  • CWE-400: Denial of Service (CWE-400)

ADP Enrichment

CVE Program Container

Additional References

References