H2O HTTP Server DoS Vulnerability CVE-2016-7835
- CVSSv3 Score
- Vulnerability description
H2O HTTP Server is prone to a denial of service vulnerability.
- Risk description
A use-after-free vulnerability exists in H2O that can be used by a remote attacker to execute DoS attacks or information theft An unauthenticated remote attacker may cause a DoS condition or obtain arbitrary information which may include the server certificates private keys, depending on the softwares settings.
Update to version 2.0.5, 2.1.0-beta4 or later.
- Not available