漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher level config included security restrictions (like origin), a higher level config that included security restrictions (like origin) would have those restrictions overridden by less restrictive defaults (e.g. origin defaults to all origins `*`).
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
hapi node模块安全漏洞
Vulnerability Description
hapi node module是一款用于Node.js的服务器框架。该框架支持输入验证、缓存和身份验证等。 hapi node模块11.1.4之前版本中存在安全漏洞。攻击者可利用该漏洞用较弱安全限制的默认配置覆盖较高的安全限制配置。
CVSS Information
N/A
Vulnerability Type
N/A