- EPSS 0.08%
- Veröffentlicht 22.08.2024 15:15:16
- Zuletzt bearbeitet 17.09.2025 20:34:47
Hono is a Web application framework that provides support for any JavaScript runtime. Hono CSRF middleware can be bypassed using crafted Content-Type header. MIME types are case insensitive, but isRequestedByFormElementRe only matches lower-case. As ...
CVE-2024-32869
- EPSS 1.33%
- Veröffentlicht 23.04.2024 21:15:48
- Zuletzt bearbeitet 17.09.2025 20:34:12
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.2.7, when using serveStatic with deno, it is possible to traverse the directory where `main.ts` is located. This can result in retrieval of unexp...
CVE-2023-50710
- EPSS 0.36%
- Veröffentlicht 14.12.2023 18:15:45
- Zuletzt bearbeitet 21.11.2024 08:37:11
Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended para...