H2o Security Vulnerabilities and Issues — H2o CVE List

Lucene search

DenaH2o

6 matches found

CVE•added 2017/12/22 2:29 p.m.•78 views

CVE-2017-10868

H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header.

7.5CVSS7.2AI score0.01218EPSS

CVE•added 2017/06/09 4:29 p.m.•67 views

CVE-2016-7835

Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.

9.1CVSS9.1AI score0.03157EPSS

CVE•added 2017/12/22 2:29 p.m.•56 views

CVE-2017-10869

Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors.

7.5CVSS7.4AI score0.01867EPSS

CVE•added 2017/12/22 2:29 p.m.•56 views

CVE-2017-10908

H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.

7.5CVSS7.3AI score0.01336EPSS

CVE•added 2017/12/22 2:29 p.m.•49 views

CVE-2017-10872

H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors.

6.5CVSS6.4AI score0.00676EPSS

CVE•added 2017/05/12 6:29 p.m.•39 views

CVE-2016-4864

H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.

7.5CVSS7.3AI score0.01598EPSS