Known Vulnerabilities for products from H2o Project
Listed below are 8 of the newest known vulnerabilities associated with the vendor "H2o Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41167 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-41153 json | Not Provided | 2026-04-17 | 2026-04-20 | |
| CVE-2026-41145 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-41136 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-41135 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-40938 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-40924 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-40923 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-40896 json | Not Provided | 2026-04-20 | 2026-04-20 | |
| CVE-2026-40566 json | Not Provided | 2026-04-21 | 2026-04-21 | |
| CVE-2018-0608 json | Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of servi... | 9.8 - CRITICAL | 2018-06-26 | 2021-04-19 |
| CVE-2017-10908 json | H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2... | 7.5 - HIGH | 2017-12-22 | 2021-04-19 |
| CVE-2017-10872 json | H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors. | 6.5 - MEDIUM | 2017-12-22 | 2021-04-19 |
| CVE-2017-10869 json | Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspe... | 7.5 - HIGH | 2017-12-22 | 2021-04-19 |
| CVE-2017-10868 json | H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1... | 7.5 - HIGH | 2017-12-22 | 2021-08-12 |
| CVE-2016-7835 json | Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate p... | 9.1 - CRITICAL | 2017-06-09 | 2021-04-19 |
| CVE-2016-4817 json | lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 mishandles HTTP/2 disconnection, which allows remote at... | 7.5 - HIGH | 2016-06-19 | 2021-04-19 |
| CVE-2016-1133 json | CRLF injection vulnerability in the on_req function in lib/handler/redirect.c in H2O before 1.6.2 and 1.7.x before 1.7.0-beta... | 3.7 - LOW | 2016-01-16 | 2021-04-19 |
Known software with vulnerabilities from H2o Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | H2o Project | H2o | 1.6.1 |