5 matches found
CVE-2024-32869
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.2.7, when using serveStatic with deno, it is possible to traverse the directory where main.ts is located. This can result in retrieval of unexpected files. Version 4.2.7 contains a patch for t...
CVE-2024-32869 Hono vulnerable to Restricted Directory Traversal in serveStatic with deno
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.2.7, when using serveStatic with deno, it is possible to traverse the directory where main.ts is located. This can result in retrieval of unexpected files. Version 4.2.7 contains a patch for t...
CVE-2024-32869
Hono CVE-2024-32869 involves a path traversal bug in serveStatic when used with Deno, allowing traversal of the directory containing main.ts and potential exposure of unintended files. Affected product: Hono web framework; vulnerable component: serveStatic middleware (Deno runtime path handling)....
0agent (>=1.0.1 <=1.1.5), 0dot (=0.6.0) +60685 more potentially affected by CVE-2024-32869 via hono (>=0.5.10 <=4.2.6)
hono NPM version =0.5.10, =1.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =2.0.0, =1.0.0, =0.3.2, =0.1.0, =0.3.8 and more Source cves: CVE-2024-32869 Source advisory: OSV:GHSA-3MPF-RCC7-5347...
CVE-2024-32869
creationtimestamp| type| source ---|---|--- 2024-04-23 08:21:55+00:00| published-proof-of-concept| https://github.com/honojs/hono/security/advisories/GHSA-3mpf-rcc7-5347...