4 matches found
H2O HTTP Server < 2.2.3 Multiple Vulnerabilities
H2O HTTP Server is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-10869
H2O HTTP Server vulnerability CVE-2017-10869 is a stack-based buffer overflow affecting H2O versions 2.2.2 and earlier. The flaw allows remote unauthenticated attackers to cause a denial-of-service via unspecified vectors. Connected sources specify multiple DoS-related CVEs in H2O and indicate th...
JVN#84182676: Multiple vulnerabilities in H2O
H2O is an open source web server software. H2O contains multiple vulnerabilities listed below. A Denial-of-service DoS due to a flaw in processing HTTP/1 header CWE-20 - CVE-2017-10868 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L| Base Score: 5.3 CVSS...
h2o -- DoS in workers
Frederik Deweerdt reports: Multiple Denial-of-Service vulnerabilities exist in h2o workers - see references for full details. CVE-2017-10868: Worker processes may crash when receiving a request with invalid framing. CVE-2017-10869: The stack may overflow when proxying huge requests...