CVE-2023-41337 | h2o up to 2.3.0-beta2 X.509 Certificate signature verification (GHSA-5v5r-rghf-rm6q)

Posted by Angelo Barbosa | Dec 12, 2023 | CVE

A vulnerability classified as problematic has been found in h2o up to 2.3.0-beta2. Affected is an unknown function of the component X.509 Certificate Handler. The manipulation leads to improper verification of cryptographic signature.

This vulnerability is traded as CVE-2023-41337. The attack can only be done within the local network. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-41337 | h2o up to 2.3.0-beta2 X.509 Certificate signature verification (GHSA-5v5r-rghf-rm6q)

Related Posts

CVE-2024-22064 | ZTE ZXUN-ePDG up to 5.20.19 unknown vulnerability

CVE-2024-4959 | Frontend Checklist Plugin up to 2.3.2 on WordPress Setting cross site scripting

CVE-2024-20327 | Cisco IOS XR on ASR 9000 PPPoE denial of service (cisco-sa-iosxr-pppma-JKWFgneW)

CVE-2024-8594 | Autodesk AutoCAD 2025.1 MODEL File libodxdll.dll heap-based overflow