{"id":"CVE-2016-4817","details":"lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 mishandles HTTP/2 disconnection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted packet.","modified":"2026-04-11T04:02:29.473176Z","published":"2016-06-19T01:59:11.903Z","references":[{"type":"ADVISORY","url":"http://jvn.jp/en/jp/JVN87859762/index.html"},{"type":"ADVISORY","url":"http://jvndb.jvn.jp/jvndb/JVNDB-2016-000091"},{"type":"ADVISORY","url":"https://github.com/h2o/h2o/pull/920"},{"type":"FIX","url":"https://github.com/h2o/h2o/commit/1c0808d580da09fdec5a9a74ff09e103ea058dd4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/h2o/h2o","events":[{"introduced":"0"},{"last_affected":"822f6696f5a380d42b2125f3530e2ca997d16d95"},{"introduced":"0"},{"last_affected":"788d3dcf683f65acc43a0dd81a75d697574b7656"},{"fixed":"1c0808d580da09fdec5a9a74ff09e103ea058dd4"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.7.2"},{"introduced":"0"},{"last_affected":"2.0.0"}]}}],"versions":["v0.9.1","v0.9.2","v1.0.1","v1.1.0","v1.1.1","v1.2.0","v1.3.0","v1.3.0-beta1","v1.3.1","v1.4.0","v1.4.1","v1.4.2","v1.5.0","v1.5.0-beta1","v1.5.0-beta2","v1.5.0-beta3","v1.5.0-beta4","v1.5.1","v1.5.2","v1.5.3","v1.6.0","v1.6.0-beta1","v1.6.0-beta2","v1.7.0","v1.7.0-beta1","v1.7.0-beta2","v1.7.0-beta3","v1.7.0-beta4","v1.7.0-beta5","v1.7.1","v1.7.2","v2.0.0","v2.0.0-beta1","v2.0.0-beta2","v2.0.0-beta3","v2.0.0-beta4","v2.0.0-beta5"],"database_specific":{"vanir_signatures_modified":"2026-04-11T04:02:29Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4817.json","vanir_signatures":[{"target":{"file":"lib/http2/connection.c"},"id":"CVE-2016-4817-59daa686","deprecated":false,"digest":{"line_hashes":["329239125789124087182915064940731376125","266309510554630169712264012537103885330","197975614374828376140268295922414557673","88220809129850639336858084392335629537","264420450238353059047339551284803211427","105768331291502333328196447212649985142","101985462780240376266675775266166062940","16853485741457918660628260381936812258","288713173150179118716946275085263877024","289826459888828424977032830879727587397","60174033087969577437234742526071942338","199625314356774529948513761081529147428","209835943162243931517005908515314847205","274342591813652804326888717120840676412","60017146153803948156149809713385384696","61231778414654015687969942411931505954","323220998124955799820809640371820826541","83630824525165648455721562733994244144","29993085774509740062677308642609663815","188889563878087960953354398331796175930","129776294623353418334243229886839028024","12779954271799651926114189920953886087","328555839365560475332753126823504737131","75534149408212975149345679727818638341","309593389191819227610748371966607787432","28627878095721931108278994499449785225","71803716231536038745320003104207006781","289130918354319889562547388440406977231","275162912589252339225434569048670363574","291958405221619009527991290958432627218","295195926032936637007314322432550540456","192071179894503489437241386203404076195","280085862657928528487581404240480500535"],"threshold":0.9},"signature_version":"v1","signature_type":"Line","source":"https://github.com/h2o/h2o/commit/1c0808d580da09fdec5a9a74ff09e103ea058dd4"},{"target":{"function":"close_connection","file":"lib/http2/connection.c"},"id":"CVE-2016-4817-5e1a9eba","deprecated":false,"digest":{"length":218,"function_hash":"9254488288664784072808278735934685341"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/h2o/h2o/commit/1c0808d580da09fdec5a9a74ff09e103ea058dd4"},{"target":{"function":"on_read","file":"lib/http2/connection.c"},"id":"CVE-2016-4817-c51e6c3b","deprecated":false,"digest":{"length":325,"function_hash":"340094519555268223943403087251481593318"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/h2o/h2o/commit/1c0808d580da09fdec5a9a74ff09e103ea058dd4"},{"target":{"function":"parse_input","file":"lib/http2/connection.c"},"id":"CVE-2016-4817-d83e6edc","deprecated":false,"digest":{"length":1165,"function_hash":"133981974142536589208943285040293713390"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/h2o/h2o/commit/1c0808d580da09fdec5a9a74ff09e103ea058dd4"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}