CVE-2024-32652

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Apr 19, 2024

Updated: Apr 22, 2024

CWE ID 755

Summary

CVE-2024-32652 affects the @hono/node-server adapter for Hono applications running on Node.js. This vulnerability causes applications to hang when encountering invalid Host headers, such as an empty string, slashes, or unparseable values. Prior to version 1.10.1, the server was unable to handle these values correctly. The latest release, 1.10.1, includes the necessary fixes to prevent the application from hanging in such cases.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vbWCN6
https://www.cve.org/CVERecord?id=CVE-2024-32652
https://nvd.nist.gov/vuln/detail/CVE-2024-32652

Back to Vulnerability Database

CVE-2024-32652

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations