Latest Dena Vulnerabilities

● CVE-2023-50247

h2o QUIC state exhaustion DoS

Dena H2o<=2.2.6

Dena H2o=2.3.0-beta1

Dena H2o=2.3.0-beta2

● CVE-2023-41337

h2o vulnerable to TLS session resumption misdirection

Dena H2o<=2.2.6

Dena H2o=2.3.0-beta1

Dena H2o=2.3.0-beta2

● CVE-2023-44487

- Rapid Reset HTTP/2 vulnerability

Microsoft Windows 11=21H2

Microsoft Windows Server 2022

Microsoft Windows 11=22H2

and 556 more

● CVE-2023-30847

H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a certain type of invalid HTTP request, it tries to build an upstream URL by reading from un...

Dena H2o<=2.2.6

Dena H2o=2.3.0-beta1

Dena H2o=2.3.0-beta2

● CVE-2022-29482

'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-midd...

Dena Mobaoku-auction \& Flea Market<5.5.16

● CVE-2021-43848

h2o is an open source http server. In code prior to the `8c0eca3` commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation ...

Dena H2o<2021-12-20

● CVE-2018-0608

Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors.

Dena H2o<=2.2.4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.