CVE-2017-10868

CVE-2017-10868

EPSS 3.5%

H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header.

Affected products

Kazuho Oku · H2O

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/h2o/h2o/issues/1459 https://jvn.jp/en/jp/JVN84182676/index.html