Homepage
About Snyk

@hono/node-server@1.7.0 vulnerabilities

Node.js Adapter for Hono

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @hono/node-server package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Improper Handling of Exceptional Conditions

@hono/node-server is a Node.js Adapter for Hono

Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions in the newRequest() function in listener.ts, which fails with ERR_INVALID_URL on invalid Host: header values, including empty string and /. This allows attackers to trigger denial of service.

Note: The maintainers recommend upgrading to 1.11.0 to fix all issues related to this vulnerability.

How to fix Improper Handling of Exceptional Conditions?

Upgrade @hono/node-server to version 1.10.1 or higher.

>=1.3.0 <1.10.1
Go back to all versions of this package