hapi is an HTTP Server framework. Affected versions of the package are vulnerable to Denial of Service (DoS). A client can send a malformed accept-encoding header to the server, invoking an uncaught exception and may cause the server to crash or hang for long periods of time.
Snyk reports hapi is vulnerable to a denial of service attack:
Denial of Service (DoS)
Medium severityNew Vulnerable module: hapi Introduced through: trailpack-hapi@2.2.0 Detailed paths and remediation
Introduced through: xxx-backend@0.0.1 › trailpack-hapi@2.2.0 › hapi@15.2.0 Remediation: No remediation path available. Overview
hapi is an HTTP Server framework. Affected versions of the package are vulnerable to Denial of Service (DoS). A client can send a malformed accept-encoding header to the server, invoking an uncaught exception and may cause the server to crash or hang for long periods of time.