High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-11	CVE-2024-45396	Reachable Assertion vulnerability in Dena Quicly Quicly is an IETF QUIC protocol implementation. network low complexity dena CWE-617	7.5
2024-10-11	CVE-2024-45397	Authentication Bypass by Spoofing vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. network low complexity dena CWE-290	7.5
2024-10-11	CVE-2024-45403	Reachable Assertion vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. network low complexity dena CWE-617	7.5
2023-12-12	CVE-2023-50247	Unspecified vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. network low complexity dena	7.5
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco	7.5
2023-04-27	CVE-2023-30847	Unspecified vulnerability in Dena H2O H2O is an HTTP server. network low complexity dena	8.2
2017-12-22	CVE-2017-10908	Improper Input Validation vulnerability in Dena H2O H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header. network low complexity dena CWE-20	7.5
2017-12-22	CVE-2017-10869	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dena H2O Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors. network low complexity dena CWE-119	7.5
2017-12-22	CVE-2017-10868	Improper Input Validation vulnerability in Dena H2O H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header. network low complexity dena CWE-20	7.5
2017-05-12	CVE-2016-4864	Use of Externally-Controlled Format String vulnerability in Dena H2O H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy. network low complexity dena CWE-134	7.5