6 matches found
CVE-2023-30847
H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a certain type of invalid HTTP request, it tries to build an upstream URL by reading from uninitialized pointer. This behavior can lead to crashes or leak of information to back end HTTP...
FreeBSD : h2o -- Malformed HTTP/1.1 causes Out-of-Memory Denial of Service (4da51989-5a8b-4eb9-b442-46d94ec0802d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4da51989-5a8b-4eb9-b442-46d94ec0802d advisory. - H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to...
CVE-2023-30847 H2O vulnerable to read from uninitialized pointer in the reverse proxy handler
H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a certain type of invalid HTTP request, it tries to build an upstream URL by reading from uninitialized pointer. This behavior can lead to crashes or leak of information to back end HTTP...
CVE-2023-30847
CVE-2023-30847 affects the H2O HTTP server. In versions up to 2.3.0-beta2, the reverse proxy handler could read from an uninitialized pointer when processing a certain invalid HTTP request, potentially causing crashes or information leakage to backend servers. The issue was fixed by PR 3229 and m...
CVE-2023-30847 H2O vulnerable to read from uninitialized pointer in the reverse proxy handler
H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a certain type of invalid HTTP request, it tries to build an upstream URL by reading from uninitialized pointer. This behavior can lead to crashes or leak of information to back end HTTP...
CVE-2023-30847
H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a certain type of invalid HTTP request, it tries to build an upstream URL by reading from uninitialized pointer. This behavior can lead to crashes or leak of information to back end HTTP...