CNNVD-202509-938 Information
Sep 05, 2025
cve
CNNVD ID
CNNVD-202509-938
Related CVE
- CNNVD Published: 2025-09-05
Description (Chinese)
Hono是Hono社区的一个用 TypeScript 编写的 Web 框架。 Hono 4.9.5及之前版本存在安全漏洞,该漏洞源于getPath函数路径解析错误,可能导致绕过代理ACL。
Description (English)
Hono is a web-based framework for the Hono community, developed by TypeScript. There is a security loophole in the Hono 4.9.5 and earlier versions, which stems from a routing error in the GetPath function, which may lead to the circumvention of the agent ACL.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Hono
Published
2025-09-05
Last Modified
2026-02-24
References
https://github.com/honojs/hono/commit/1d79aedc3f82d8c9969b115fe61bc4bd705ec8de https://github.com/honojs/hono/releases/tag/v4.9.6 https://github.com/honojs/hono/security/advisories/GHSA-9hp6-4448-45g2
Patch
https://github.com/honojs/hono/releases
Share on: