Name of the Vulnerable Software and Affected Versions @commercial/hapi versions prior to 16.8.2 @commercial/hapi versions prior to 17.9.2 @commercial/hapi versions prior to 18.4.1 @commercial/hapi versions prior to 19.1.1

Description The issue affects the CORS request handler in @commercial/hapi, causing it to throw a system error when encountering invalid values in the header. If an unhandled exception handler is not available, this can lead to the application exiting, allowing an attacker to shut down services.

Recommendations Upgrade to version 16.8.2 or later. Upgrade to version 17.9.2 or later. Upgrade to version 18.4.1 or later. Upgrade to version 19.1.1 or later.