Hapi: Security Vulnerabilities
formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
CVSS Score
5.5
EPSS Score
0.008
Published
2023-02-08
The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-05-29