FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

h2o -- Use-after-free vulnerability

Affected packages
h2o < 2.0.4_2

Details

VuXML ID d0b12952-cb86-11e6-906f-0cc47a065786
Discovery 2016-09-09
Entry 2016-12-29

Kazuho Oku reports:

A use-after-free vulnerability exists in H2O up to and including version 2.0.4 / 2.1.0-beta3 that can be used by a remote attacker to mount DoS attacks and / or information theft.

[source]

References

URL https://github.com/h2o/h2o/issues/1144
URL https://github.com/h2o/h2o/releases/tag/v2.0.5

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.