CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-7193

The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site that is visited by an application consumer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.9%

CVSS Severity

CVSS v2 Score 5.8

References

Products affected by CVE-2014-7193

Sideway » Hapi Crumb » Version: 0.0.2

cpe:2.3:a:sideway:hapi_crumb:0.0.2
Sideway » Hapi Crumb » Version: 0.0.3

cpe:2.3:a:sideway:hapi_crumb:0.0.3
Sideway » Hapi Crumb » Version: 0.0.4

cpe:2.3:a:sideway:hapi_crumb:0.0.4
Sideway » Hapi Crumb » Version: 0.0.5

cpe:2.3:a:sideway:hapi_crumb:0.0.5
Sideway » Hapi Crumb » Version: 0.0.6

cpe:2.3:a:sideway:hapi_crumb:0.0.6
Sideway » Hapi Crumb » Version: 0.0.7

cpe:2.3:a:sideway:hapi_crumb:0.0.7
Sideway » Hapi Crumb » Version: 0.0.8

cpe:2.3:a:sideway:hapi_crumb:0.0.8
Sideway » Hapi Crumb » Version: 0.0.9

cpe:2.3:a:sideway:hapi_crumb:0.0.9
Sideway » Hapi Crumb » Version: 0.1.0

cpe:2.3:a:sideway:hapi_crumb:0.1.0
Sideway » Hapi Crumb » Version: 0.1.1

cpe:2.3:a:sideway:hapi_crumb:0.1.1
Sideway » Hapi Crumb » Version: 0.1.2

cpe:2.3:a:sideway:hapi_crumb:0.1.2
Sideway » Hapi Crumb » Version: 0.1.3

cpe:2.3:a:sideway:hapi_crumb:0.1.3
Sideway » Hapi Crumb » Version: 0.2.0

cpe:2.3:a:sideway:hapi_crumb:0.2.0
Sideway » Hapi Crumb » Version: 0.3.0

cpe:2.3:a:sideway:hapi_crumb:0.3.0
Sideway » Hapi Crumb » Version: 0.3.1

cpe:2.3:a:sideway:hapi_crumb:0.3.1
Sideway » Hapi Crumb » Version: 0.3.2

cpe:2.3:a:sideway:hapi_crumb:0.3.2
Sideway » Hapi Crumb » Version: 1.0.0

cpe:2.3:a:sideway:hapi_crumb:1.0.0
Sideway » Hapi Crumb » Version: 1.1.0

cpe:2.3:a:sideway:hapi_crumb:1.1.0
Sideway » Hapi Crumb » Version: 1.1.1

cpe:2.3:a:sideway:hapi_crumb:1.1.1
Sideway » Hapi Crumb » Version: 1.1.2

cpe:2.3:a:sideway:hapi_crumb:1.1.2
Sideway » Hapi Crumb » Version: 2.0.0

cpe:2.3:a:sideway:hapi_crumb:2.0.0
Sideway » Hapi Crumb » Version: 2.1.0

cpe:2.3:a:sideway:hapi_crumb:2.1.0
Sideway » Hapi Crumb » Version: 2.2.0

cpe:2.3:a:sideway:hapi_crumb:2.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-7193

Products

Pricing

Contact Us