DocsDigest
Back to listLanguage: JA
ClaudeHonoFeb 23, 2026, 7:25 AM

v4.12.2

A condensed section focused on the key takeaways first.

Original Post
OpenAIClaude

Quick Digest

Summary

A condensed section focused on the key takeaways first.

claudeenmodel: claude-sonnet-4-20250514

Hono v4.12.2 - Security Fix for AWS Lambda Adapter

securityaws-lambdax-forwarded-forvulnerabilitypatchhonoalb

Key Points

  • Security fix for X-Forwarded-For handling
  • AWS Lambda adapter vulnerability patched
  • IP-based access control bypass prevented

Summary

Hono v4.12.2 is a security patch release that addresses a critical vulnerability in the AWS Lambda adapter's handling of X-Forwarded-For headers behind Application Load Balancer (ALB).

Key Points

  • Security Fix: Fixed incorrect X-Forwarded-For header handling in AWS Lambda adapter
  • Vulnerability Impact: Could allow IP-based access control bypass when deployed behind ALB
  • Change: Reverted PR #4707 to address the security issue
  • Advisory: Full details available in GHSA-xh87-mx6m-69f3
  • Contributors: Thanks to @EdamAme-x for identifying the issue

Full Translation

Translations

A translation section that keeps the flow of the original article.

claudejamodel: claude-sonnet-4-20250514

v4.12.2

v4.12.2

セキュリティ修正

ALB背後のAWS LambdaアダプターにおけるX-Forwarded-Forの不適切な処理を修正しました。この問題により、IPベースのアクセス制御がバイパスされる可能性がありました。

詳細: GHSA-xh87-mx6m-69f3

@EdamAme-x に感謝します

変更内容

  • fix(context): revert PR #4707 by @yusukebe in #4757

Full Changelog: v4.12.1...v4.12.2

コントリビューター

  • yusukebe
  • EdamAme-x