CVE-2023-41337 | h2o up to 2.3.0-beta2 X.509 Certificate signature verification (GHSA-5v5r-rghf-rm6q)

Posted by Angelo Barbosa | Dec 12, 2023 | CVE

A vulnerability classified as problematic has been found in h2o up to 2.3.0-beta2. Affected is an unknown function of the component X.509 Certificate Handler. The manipulation leads to improper verification of cryptographic signature.

This vulnerability is traded as CVE-2023-41337. The attack can only be done within the local network. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-41337 | h2o up to 2.3.0-beta2 X.509 Certificate signature verification (GHSA-5v5r-rghf-rm6q)

Related Posts

CVE-2024-51181 | PHPGurukul IFSC Code Finder Project 1.0 profile.php searchifsccode cross site scripting

CVE-2024-27054 | Linux Kernel up to 5.15.152/6.1.82/6.6.22/6.7.10/6.8.1 s390 Privilege Escalation

CVE-2024-46872 | Mattermost up to 9.5.9/9.10.2/9.11.1 Playbook cross-site request forgery

CVE-2024-38514 | ChatGPTNextWeb ChatGPT-Next-Web up to 2.12.3 WebDav API Endpoint endpoint server-side request forgery (GHSA-gph5-rx77-3pjg)