Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package hawk, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2016-2515 — CVSS 7.5 (high): Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service (CPU consumption or partial outage) via a long…
CVE-2022-29167 — CVSS 7.4 (high): Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification…