Medium severity5.3NVD Advisory· Published May 31, 2018· Updated Jun 17, 2026
CVE-2016-10543
CVE-2016-10543
Description
call is an HTTP router that is primarily used by the hapi framework. There exists a bug in call versions 2.0.1-3.0.1 that does not validate empty parameters, which could result in invalid input bypassing the route validation rules.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
callnpm | >= 2.0.1, < 3.0.2 | 3.0.2 |
Affected products
2- Range: >= 2.0.1 <3.0.2
Patches
Vulnerability mechanics
References
5- nodesecurity.io/advisories/121nvdExploitThird Party Advisory
- github.com/advisories/GHSA-84fv-prrc-5ggrghsaADVISORY
- github.com/hapijs/hapi/issues/3228nvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2016-10543ghsaADVISORY
- www.npmjs.com/advisories/121ghsaWEB
News mentions
0No linked articles in our index yet.