2.2.4

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-11	CVE-2024-25622	Always-Incorrect Control Flow Implementation vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. network low complexity dena CWE-670	4.3
2024-10-11	CVE-2024-45397	Authentication Bypass by Spoofing vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. network low complexity dena CWE-290	7.5
2023-12-12	CVE-2023-41337	Unspecified vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. low complexity dena	6.7
2023-12-12	CVE-2023-50247	Unspecified vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. network low complexity dena	7.5
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco	7.5
2023-04-27	CVE-2023-30847	Unspecified vulnerability in Dena H2O H2O is an HTTP server. network low complexity dena	8.2
2022-02-01	CVE-2021-43848	Unspecified vulnerability in Dena H2O h2o is an open source http server. network high complexity dena	5.9
2018-06-26	CVE-2018-0608	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dena H2O Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors. network low complexity dena CWE-119 critical	9.8