Описание
Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.4 (включая)
Одно из
cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*
cpe:2.3:a:h2o_project:h2o:2.1.0:beta3:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03157
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 9.1
debian
больше 8 лет назад
Use-after-free vulnerability in H2O allows remote attackers to cause a ...
CVSS3: 9.1
github
больше 3 лет назад
Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.
EPSS
Процентиль: 87%
0.03157
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-416