CVE-2018-0608 (NVD)

2018-06-26

Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors.

Products H2o
Type Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119)
First patch - None (likely due to unavailable code)
Links http://jvn.jp/en/jp/JVN93226941/index.html
https://github.com/h2o/h2o/issues/1775