3 matches found
CVE-2024-32652
The adapter @hono/node-server allows you to run your Hono application on Node.js. Prior to 1.10.1, the application hangs when receiving a Host header with a value that @hono/node-server can't handle well. Invalid values are those that cannot be parsed by the URL as a hostname such as an empty...
CVE-2024-32652 @hono/node-server contains Denial of Service risk when receiving Host header that cannot be parsed
The adapter @hono/node-server allows you to run your Hono application on Node.js. Prior to 1.10.1, the application hangs when receiving a Host header with a value that @hono/node-server can't handle well. Invalid values are those that cannot be parsed by the URL as a hostname such as an empty...
CVE-2024-32652
Summary: CVE-2024-32652 affects the Node.js adapter @hono/node-server. Before version 1.10.1, handling of invalid Host header values (e.g., empty strings or values not parseable as a hostname) could cause the application to hang via an Invalid URL error. The advisory states that 1.10.1 fixes the ...