pkg:Debian/h2o

All known vulnerabilities

• MEDIUM5.3CVE-2023-44487⚠ KEVnghttp2 - security update
  from 0
• MEDIUM5.3CVE-2023-44487⚠ KEVnghttp2 - security update
  from 0, < 2.2.5+dfsg2-2+deb10u2
• CRITICAL9.8CVE-2018-0608Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via u…
  from 0, < 2.2.5+dfsg1-1
• HIGH7.5CVE-2025-8671Pingora MadeYouReset HTTP/2 vulnerability
  from 0
• HIGH7.5CVE-2024-45397h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3.
  from 0
• HIGH7.5CVE-2019-9514Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS)
  from 0, < 2.2.5+dfsg2-3
• HIGH7.5CVE-2019-9512golang.org/x/net/http vulnerable to a reset flood
  from 0, < 2.2.5+dfsg2-2+deb10u1
• HIGH7.5CVE-2019-9512golang.org/x/net/http vulnerable to a reset flood
  from 0, < 2.2.5+dfsg2-3
• HIGH7.5CVE-2019-9515Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service.
  from 0, < 2.2.5+dfsg2-3
• HIGH7.5CVE-2017-10908H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.
  from 0, < 2.2.4+dfsg-1
• HIGH7.5CVE-2017-10869Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors.
  from 0, < 2.2.3+dfsg-1
• HIGH7.5CVE-2017-10868H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header.
  from 0, < 2.2.3+dfsg-1
• MEDIUM6.7CVE-2023-41337h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3.
  from 0
• MEDIUM6.5CVE-2017-10872H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors.
  from 0, < 2.2.4+dfsg-1
• MEDIUM4.3CVE-2024-25622h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3.
  from 0