Note:
This project will be discontinued after December 13, 2021. [more]
Product:
H2o
(Dena)| Repositories | https://github.com/h2o/h2o |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-01-16 | CVE-2016-1133 | CRLF injection vulnerability in the on_req function in lib/handler/redirect.c in H2O before 1.6.2 and 1.7.x before 1.7.0-beta3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URI. | H2o | 3.7 | ||
| 2017-05-12 | CVE-2016-4864 | H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy. | H2o | 7.5 |