Denial of Service Vulnerability in H2O Server (Versions 2.2.3 and Earlier) via Crafted HTTP/2 Header

Denial of Service Vulnerability in H2O Server (Versions 2.2.3 and Earlier) via Crafted HTTP/2 Header

CVE-2017-10908 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.

Learn more about our Cis Benchmark Audit For Server Software.