Lucene search
+L

6 matches found

nessus
nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-43848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain...

7.4CVSS6.3AI score0.02667EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/22 9:34 p.m.14 views

CVE-2021-43848

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

7.4CVSS6.8AI score0.02667EPSS
Exploits1
nessus
nessus
added 2023/11/06 12:0 a.m.25 views

FreeBSD : h2o -- uninitialised memory access in HTTP3 (1d3677a8-9143-42d8-84a3-0585644dff4b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1d3677a8-9143-42d8-84a3-0585644dff4b advisory. - h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access...

7.4CVSS6.2AI score0.02667EPSS
Exploits1References3
cve
cve
added 2022/02/01 12:13 p.m.71 views

CVE-2021-43848

CVE-2021-43848 concerns h2o, an open source HTTP server. Affects HTTP/3 support where, from commits 93af138 to d1f0f65, h2o may access uninitialized memory when processing QUIC frames, potentially treating such memory as HTTP/3 frames. In reverse proxy scenarios, an attacker could cause h2o to le...

7.4CVSS5.9AI score0.02667EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2022/02/01 12:13 p.m.29 views

CVE-2021-43848 Unititialized memory access in h2o

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

7.4CVSS7.6AI score0.02667EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2022/02/01 12:13 p.m.8 views

CVE-2021-43848 Unititialized memory access in h2o

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

7.4CVSS7.4AI score0.02667EPSS
Exploits1References2
Rows per page
Query Builder