Vulnerabilities > Dena > H2O
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-11 | CVE-2024-25622 | Always-Incorrect Control Flow Implementation vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. | 4.3 |
| 2024-10-11 | CVE-2024-45397 | Authentication Bypass by Spoofing vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. | 7.5 |
| 2024-10-11 | CVE-2024-45403 | Reachable Assertion vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. | 7.5 |
| 2023-12-12 | CVE-2023-41337 | Unspecified vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. low complexity dena | 6.7 |
| 2023-12-12 | CVE-2023-50247 | Unspecified vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. | 7.5 |
| 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
| 2023-04-27 | CVE-2023-30847 | Unspecified vulnerability in Dena H2O H2O is an HTTP server. | 8.2 |
| 2022-02-01 | CVE-2021-43848 | Unspecified vulnerability in Dena H2O h2o is an open source http server. | 5.9 |
| 2018-06-26 | CVE-2018-0608 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dena H2O Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors. | 9.8 |
| 2017-12-22 | CVE-2017-10908 | Improper Input Validation vulnerability in Dena H2O H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header. | 7.5 |