CVE-2016-2515

Regular Expression Denial of Service in hawk

Description

Versions of hawk prior to 3.1.3, or 4.x prior to 4.1.1 are affected by a regular expression denial of service vulnerability related to excessively long headers and URI's.

Recommendation

Update to hawk version 4.1.1 or later.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

July 31, 2018

Modified Date

November 7, 2023

Score Vector

Affected Versions