CVE-2014-3742

Name of the Vulnerable Software and Affected Versions hapi server framework versions 2.0.x through 2.1.x

Description The issue allows remote attackers to cause a denial of service via unspecified vectors, resulting in file descriptor consumption and process crash. This is due to a file descriptor leak that, when triggered repeatedly, will cause the server to run out of file descriptors and the node process to die. The effort required to take down a server depends on the process file descriptor limit.

Recommendations For versions 2.0.x and 2.1.x, please upgrade to version 2.2.x or above as soon as possible.