CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-32652

The adapter @hono/node-server allows you to run your Hono application on Node.js. Prior to 1.10.1, the application hangs when receiving a Host header with a value that `@hono/node-server` can't handle well. Invalid values are those that cannot be parsed by the `URL` as a hostname such as an empty string, slashes `/`, and other strings. The version 1.10.1 includes the fix for this issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.2%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2024-32652

Hono » Node-Server » Version: 1.10.0

cpe:2.3:a:hono:node-server:1.10.0
Hono » Node-Server » Version: 1.3.0

cpe:2.3:a:hono:node-server:1.3.0
Hono » Node-Server » Version: 1.3.1

cpe:2.3:a:hono:node-server:1.3.1
Hono » Node-Server » Version: 1.3.2

cpe:2.3:a:hono:node-server:1.3.2
Hono » Node-Server » Version: 1.3.3

cpe:2.3:a:hono:node-server:1.3.3
Hono » Node-Server » Version: 1.3.4

cpe:2.3:a:hono:node-server:1.3.4
Hono » Node-Server » Version: 1.3.5

cpe:2.3:a:hono:node-server:1.3.5
Hono » Node-Server » Version: 1.4.0

cpe:2.3:a:hono:node-server:1.4.0
Hono » Node-Server » Version: 1.4.1

cpe:2.3:a:hono:node-server:1.4.1
Hono » Node-Server » Version: 1.5.0

cpe:2.3:a:hono:node-server:1.5.0
Hono » Node-Server » Version: 1.6.0

cpe:2.3:a:hono:node-server:1.6.0
Hono » Node-Server » Version: 1.7.0

cpe:2.3:a:hono:node-server:1.7.0
Hono » Node-Server » Version: 1.8.0

cpe:2.3:a:hono:node-server:1.8.0
Hono » Node-Server » Version: 1.8.1

cpe:2.3:a:hono:node-server:1.8.1
Hono » Node-Server » Version: 1.8.2

cpe:2.3:a:hono:node-server:1.8.2
Hono » Node-Server » Version: 1.9.0

cpe:2.3:a:hono:node-server:1.9.0
Hono » Node-Server » Version: 1.9.1

cpe:2.3:a:hono:node-server:1.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-32652

Products

Pricing

Contact Us