CVE-2017-10908

2017-12-2214:00:00

jpcert

www.cve.org

0.001 Low

EPSS

Percentile

43.1%

JSON

H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.

CNA Affected

[
  {
    "product": "H2O",
    "vendor": "Kazuho Oku",
    "versions": [
      {
        "status": "affected",
        "version": "version 2.2.3 and earlier"
      }
    ]
  }
]

References

github.com/h2o/h2o/issues/1544

jvn.jp/en/jp/JVN84182676/index.html

0.001 Low

EPSS

Percentile

43.1%

JSON

Related for CVELIST:CVE-2017-10908