15 matches found
EUVD-2017-2509
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-30847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a certain type of invalid HTTP request, it tries to...
H2O HTTP Server HTTP/2 Protocol DoS Vulnerability (GHSA-mrjm-qq9m-9mjq, MadeYouReset)
H2O is prone to a denial of service DoS vulnerability in the HTTP/2 protocol dubbed SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
The vulnerability of the `connection.c` component of the HTTP/2 web server Apache Traffic Server, the H2O web server, Node.js software platform, and the SwiftNIO networking framework allows a attacker to cause a service failure.
The vulnerability of the connection.c component of the HTTP/2 web server Apache Traffic Server, the H2O web server, the Node.js software platform, and the SwiftNIO networking framework is related to errors in the resource consumption control mechanism. Exploiting this vulnerability can allow an...
The vulnerability relates to the implementation of the HTTP/2 network protocol on Windows operating systems, Apache Traffic Server web servers, H2O web servers, network programming tools such as netty, SwiftNIO, Envoy, and the Node.js software platform. This allows attackers to induce service failures.
The vulnerability of the HTTP/2 network protocol implementation in Windows operating systems, Apache Traffic Server web servers, H2O web servers, network programming tools such as netty, SwiftNIO, Envoy, and Node.js software platforms is related to an uncontrolled resource consumption. Exploiting...
H2O Buffer Overflow Vulnerability (CNVD-2018-16256)
H2O is a set of open source Web server software . A buffer overflow vulnerability exists in H2O 2.2.4 and earlier versions. A remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service...
H2O Buffer Overflow Vulnerability
H2O is a set of open source Web server software . A buffer overflow vulnerability exists in H2O 2.2.2 and earlier versions. A remote attacker could exploit this vulnerability to cause a denial of service...
H2O Denial of Service Vulnerability (CNVD-2018-01620)
H2O is a set of open source Web server software . A denial of service vulnerability exists in H2O 2.2.3 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of service with a specially crafted HTTP/2 packet header...
H2O Denial of Service Vulnerability
H2O is a set of open source Web server software . A denial of service vulnerability exists in H2O. An attacker could exploit this vulnerability to cause a denial of service or obtain sensitive information...
H2O use of externally-controlled format string
Overview H2O is an open source web server software. H2O uses externally-controlled format strings CWE-134 in the code which output error logs. Kazuho Oku reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Kazuho Oku coordinated under the Information...
H2O use-after-free vulnerability
Overview H2O is an open source web server software. H2O contains a use-after-free vulnerability. Kazuho Oku reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Kazuho Oku coordinated under the Information Security Early Warning Partnership. Impact An...
JVN#87859762: H2O use-after-free vulnerability
H2O is an open source web server software. H2O contains a use-after-free vulnerability. Impact An attacker may cause a denial-of-service DoS condition by sending a specially crafted packet. Solution Update the Software Update to the latest version according to the information provided by the...
H2O Memory Misreference Vulnerability
H2O is a set of open source Web server software . A memory misreference vulnerability exists in H2O 1.7.2 and earlier versions. An attacker can exploit this vulnerability by sending specially crafted packets to cause a denial of service...
H2O CRLF Injection Vulnerability
H2O is a set of open source Web server software . The 'onreq' function in the lib/handler/redirect.c file of H2O suffers from a CRLF injection vulnerability that allows remote attackers to inject arbitrary HTTP headers using specially crafted URIs to perform HTTP response splitting attacks...
JVN#45928828: H2O vulnerable to HTTP header injection
H2O is an open source web server software. H2O contains an HTTP header injection vulnerability. Impact An HTTP response splitting attack may result in arbitrary cookie values. Solution Update the Software Update to the latest version according to the information provided by the developer. Product...