Description

The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js allows remote attackers to cause a denial of service (file descriptor consumption and process crash) via unspecified vectors.

Remediation

References

https://github.com/spumko/hapi/issues/1427

http://www.openwall.com/lists/oss-security/2014/05/13/1

https://nodesecurity.io/advisories/hapi_File_descriptor_leak_DoS_vulnerability

http://www.openwall.com/lists/oss-security/2014/05/15/2

Related Vulnerabilities

CVE-2022-2668 Vulnerability in maven package org.keycloak:keycloak-saml-core

CVE-2017-7676 Vulnerability in maven package org.apache.ranger:ranger

CVE-2022-28158 Vulnerability in maven package com.surenpi.jenkins:phoenix-autotest

CVE-2023-29526 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rendering-async-api

CVE-2022-43424 Vulnerability in maven package com.compuware.jenkins:compuware-xpediter-code-coverage

Severity

Critical

Classification

CWE-399

Tags

Vendor Advisory