Количество 2
Количество 2
CVE-2015-9243
When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher level config included security restrictions (like origin), a higher level config that included security restrictions (like origin) would have those restrictions overridden by less restrictive defaults (e.g. origin defaults to all origins `*`).
GHSA-j3g2-m5jj-6336
Unsafe Merging of CORS Configuration Conflict in hapi
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-9243 When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher level config included security restrictions (like origin), a higher level config that included security restrictions (like origin) would have those restrictions overridden by less restrictive defaults (e.g. origin defaults to all origins `*`). | CVSS3: 5.9 | 0% Низкий | больше 7 лет назад |
| GHSA-j3g2-m5jj-6336 Unsafe Merging of CORS Configuration Conflict in hapi | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу