// For flags

CVE-2023-30847

H2O vulnerable to read from uninitialized pointer in the reverse proxy handler

Severity Score

8.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a certain type of invalid HTTP request, it tries to build an upstream URL by reading from uninitialized pointer. This behavior can lead to crashes or leak of information to back end HTTP servers. Pull request number 3229 fixes the issue. The pull request has been merged to the `master` branch in commit f010336. Users should upgrade to commit f010336 or later.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-04-18 CVE Reserved
  • 2023-04-27 CVE Published
  • 2024-05-29 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-824: Access of Uninitialized Pointer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Dena
Search vendor "Dena"
 H2o
Search vendor "Dena" for product "H2o"
 <= 2.2.6
Search vendor "Dena" for product "H2o" and version " <= 2.2.6"
-
Affected
Dena
Search vendor "Dena"
 H2o
Search vendor "Dena" for product "H2o"
 2.3.0
Search vendor "Dena" for product "H2o" and version "2.3.0"
beta1
Affected
Dena
Search vendor "Dena"
 H2o
Search vendor "Dena" for product "H2o"
 2.3.0
Search vendor "Dena" for product "H2o" and version "2.3.0"
beta2
Affected