PT-2020-20946 — Hapi @Hapi/Hapi

PT-2020-20946 · Hapi · @Hapi/Hapi

Published

2020-09-03

Updated

2020-09-03

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions @hapi/hapi versions prior to 18.4.1 @hapi/hapi versions prior to 19.1.1

Description The issue affects the CORS request handler, which can throw a system error if the header contains invalid values. If there is no unhandled exception handler, this can cause the application to exit, allowing an attacker to shut down services.

Recommendations Upgrade to version 18.4.1 or later. Upgrade to version 19.1.1 or later.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

GHSA-23VW-MHV5-GRV5

Affected Products

@Hapi/Hapi