Описание
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| h2o | not-affected | package |
Примечания
https://github.com/h2o/h2o/issues/1077
EPSS
Процентиль: 81%
0.01598
Низкий
Связанные уязвимости
CVSS3: 7.5
nvd
больше 8 лет назад
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.
CVSS3: 7.5
github
больше 3 лет назад
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.
EPSS
Процентиль: 81%
0.01598
Низкий