Denial of Service (DoS) Vulnerability in hapi <= 16.1.0

Denial of Service (DoS) Vulnerability in hapi <= 16.1.0

CVE-2017-16013 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached.

Learn more about our Web App Pen Testing.