Skip to main content

Incorrect Access of Indexable Resource ('Range Error')

CVE-2017-10872

Severity Medium
Score 6.5/10

Summary

H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.

References

Advisory Timeline

  • Published