Vulnerabilities > Dena > H2O > 1.7.3

DATE CVE VULNERABILITY TITLE RISK
2017-12-22 CVE-2017-10869 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dena H2O
Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors.
network
low complexity
dena CWE-119
7.5
7.5
2017-12-22 CVE-2017-10868 Improper Input Validation vulnerability in Dena H2O
H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header.
network
low complexity
dena CWE-20
7.5
7.5
2017-06-09 CVE-2016-7835 Use After Free vulnerability in multiple products
Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.
network
low complexity
h2o-project dena CWE-416
critical
 9.1
9.1