CVE-2017-16013

EPSS 0.33% · P56 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-16013

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

未加控制的资源消耗(资源穷尽)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Hapi 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Hapi是一款用于Node.js的服务器框架。该框架支持输入验证、缓存和身份验证等。 Hapi 15.0.0版本至16.1.0版本中存在安全漏洞。攻击者可利用该漏洞造成hapi崩溃或客户端连接挂起。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
HackerOne	hapi node module	>= 15.0.0 <= 16.1.0	-

II. Public POCs for CVE-2017-16013

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-16013

Please Login to view more intelligence information

https://github.com/hapijs/hapi/issues/3466x_refsource_MISC
https://nodesecurity.io/advisories/335x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2017-16013

Same Patch Batch · HackerOne · 2018-06-04 · 98 CVEs total

CVE-2017-16017		Sanitize-html 跨站脚本漏洞
CVE-2017-16007		node-jose 安全漏洞
CVE-2017-0930		augustine 路径遍历漏洞
CVE-2017-0928		html-janitor 安全漏洞
CVE-2016-10697		react-native-baidu-voice-synthesizer 安全漏洞
CVE-2016-10696		windows-latestchromedriver 安全漏洞
CVE-2016-10695		npm-test-sqlite3-trunk 安全漏洞
CVE-2017-0931		html-janitor 跨站脚本漏洞
CVE-2017-16015		Forms 跨站脚本漏洞
CVE-2017-16016		Sanitize-html 跨站脚本漏洞
CVE-2017-16014		Http-proxy 安全漏洞
CVE-2017-16018		Restify 跨站脚本漏洞
CVE-2017-16019		GitBook online reader 跨站脚本漏洞
CVE-2017-16020		Summit 安全漏洞
CVE-2017-16021		uri-js 安全漏洞
CVE-2017-16022		Morris.js 跨站脚本漏洞
CVE-2017-16023		Decamelize 安全漏洞
CVE-2017-16024		sync-exec 安全漏洞
CVE-2017-16025		Nes 安全漏洞
CVE-2017-16026		Request 安全漏洞

Showing top 20 of 98 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: hapi node module

Same vendor: HackerOne

Same weakness: CWE-400

V. Comments for CVE-2017-16013

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-16013

I. Basic Information for CVE-2017-16013

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-16013

III. Intelligence Information for CVE-2017-16013

Same Patch Batch · HackerOne · 2018-06-04 · 98 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-16013

Leave a comment