DEBIAN-CVE-2017-10908

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2017-10908
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2017-10908.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2017-10908
Upstream
Published
2017-12-22T14:29:12.640Z
Modified
2026-06-13T09:00:36.271378008Z
Summary
[none]
Details

H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.

References

Affected packages

Debian:11 / h2o

Package

Name
h2o
Purl
pkg:deb/debian/h2o?arch=source&distro=bullseye

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.4+dfsg-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2017-10908.json"

Debian:12 / h2o

Package

Name
h2o
Purl
pkg:deb/debian/h2o?arch=source&distro=bookworm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.4+dfsg-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2017-10908.json"