Vulnerabilities > Dena > H2O > 2.1.0

DATE CVE VULNERABILITY TITLE RISK
2017-12-22 CVE-2017-10869 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dena H2O
Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors.
network
low complexity
dena CWE-119
7.5
7.5
2017-12-22 CVE-2017-10868 Improper Input Validation vulnerability in Dena H2O
H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header.
network
low complexity
dena CWE-20
7.5
7.5
2017-05-12 CVE-2016-4864 Use of Externally-Controlled Format String vulnerability in Dena H2O
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.
network
low complexity
dena CWE-134
7.5
7.5