2.1.2

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

spumko-project

CWE-399

NVD

Published: 2014-05-16

Updated: 2024-11-21

Summary

The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js allows remote attackers to cause a denial of service (file descriptor consumption and process crash) via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Spumko_Project Spumko Project Hapi Server Framework 2.0.0 Spumko Project Hapi Server Framework 2.1.2 Spumko Project Hapi Server Framework 2.1.1	4

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://www.openwall.com/lists/oss-security/2014/05/13/1
http://www.openwall.com/lists/oss-security/2014/05/13/1
http://www.openwall.com/lists/oss-security/2014/05/15/2
http://www.openwall.com/lists/oss-security/2014/05/15/2
https://github.com/spumko/hapi/issues/1427
https://github.com/spumko/hapi/issues/1427
https://nodesecurity.io/advisories/hapi_File_descriptor_leak_DoS_vulnerability
https://nodesecurity.io/advisories/hapi_File_descriptor_leak_DoS_vulnerability