PT-2017-11600 · H2O · H2O

Kazuho Oku

Publicado

2017-12-22

Atualizado

2021-04-19

CVE-2017-10908

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions H2O versions 2.2.3 and earlier

Description The issue allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.

Recommendations For versions 2.2.3 and earlier, update to a version later than 2.2.3 to resolve the issue.

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2017-10908

H2O