Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2018/02/27 12:0 a.m.27 views

H2O HTTP Server < 2.2.3 Multiple Vulnerabilities

H2O HTTP Server is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.5AI score0.03467EPSS
Exploits0References2
CVE
CVE
added 2017/12/22 2:0 p.m.72 views

CVE-2017-10869

H2O HTTP Server vulnerability CVE-2017-10869 is a stack-based buffer overflow affecting H2O versions 2.2.2 and earlier. The flaw allows remote unauthenticated attackers to cause a denial-of-service via unspecified vectors. Connected sources specify multiple DoS-related CVEs in H2O and indicate th...

7.5CVSS7.4AI score0.02625EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/18 12:0 a.m.79 views

JVN#84182676: Multiple vulnerabilities in H2O

H2O is an open source web server software. H2O contains multiple vulnerabilities listed below. A Denial-of-service DoS due to a flaw in processing HTTP/1 header CWE-20 - CVE-2017-10868 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L| Base Score: 5.3 CVSS...

7.5CVSS7.6AI score0.03636EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/07/19 12:0 a.m.20 views

h2o -- DoS in workers

Frederik Deweerdt reports: Multiple Denial-of-Service vulnerabilities exist in h2o workers - see references for full details. CVE-2017-10868: Worker processes may crash when receiving a request with invalid framing. CVE-2017-10869: The stack may overflow when proxying huge requests...

7.5CVSS7.8AI score0.03467EPSS
Exploits0References3
Rows per page
Query Builder