h2o -- Use-after-free vulnerability

2016-09-09T00:00:00
ID D0B12952-CB86-11E6-906F-0CC47A065786
Type freebsd
Reporter FreeBSD
Modified 2016-09-09T00:00:00

Description

Kazuho Oku reports:

A use-after-free vulnerability exists in H2O up to and including version 2.0.4 / 2.1.0-beta3 that can be used by a remote attacker to mount DoS attacks and / or information theft.