Denial-of-Service Vulnerability in H2O Versions 2.0.3 and Earlier and 2.1.0-beta2 and Earlier

CVE-2016-4864 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.

Learn more about our Web Application Penetration Testing UK.