Every CVE whose affected-product data names Hapijs Hapi, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2015-9241 — CVSS 7.5 (high): Certain input passed into the If-Modified-Since or Last-Modified headers will cause an 'illegal access' exception to be raised. Instead of…
CVE-2017-16013 — CVSS 7.5 (high): hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught…
CVE-2015-9243 — CVSS 5.9 (medium): When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher…
CVE-2015-9236 — CVSS 5.3 (medium): Hapi versions less than 11.0.0 implement CORS incorrectly and allowed for configurations that at best returned inconsistent headers and at…