Skip to main content

Hapi Crumb

1 CVEs product

Monthly

CVE-2014-7193 npm MEDIUM PATCH This Month

The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Node.js Authentication Bypass Hapi Crumb
NVD GitHub
CVSS 2.0
5.8
EPSS
0.2%
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Node.js Authentication Bypass Hapi Crumb
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy