CVE-2015-5638
H2O Web Server vulnerability CVE-2015-5638: Directory traversal via the file.dir directive enables remote reading of arbitrary server files. A URL processing/normalization flaw in H2O up to versions 1.4.4 and 1.5.0-beta1 allows exploitation when file.dir is enabled. Affected versions: H2O before ...