dena
Security Risk Profile
48
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 21 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from September 20, 2015 to present
21
Total CVEs
15
Critical+High
1
Exploited
5
Unpatched
Threat Assessment
Avg CVSS
7.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
5
Critical/High
Risk Level
48/100
medium
⚠️ 1 Active Exploits⚡ 1 Zero-Days
Severity Distribution
Critical
3High
12Medium
6Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
0Age Distribution
Common Weaknesses (CWE)
1
Use After Free
3
2
Buffer Overflow
2
3
Input Validation
2
4
Double Free
1
5
CRLF Injection
1
Most Affected Products
1. Dena H2o27
2. Apache Tomcat14
3. Microsoft Windows 1011
4. Microsoft Visual Studio 20227
5. Siemens Sinec Ins6
Recent Vulnerabilities
See more →CVE-2024-45402
CVSS 9.8critical
Picotls double free
10/11/2024
CVE-2024-45396
CVSS 7.5high
Quicly assertion failures
10/11/2024
CVE-2024-45403
CVSS 7.5high
H2O assertion failure when HTTP/3 requests are cancelled
10/11/2024
CVE-2024-45397
CVSS 7.5high
H2O alllows bypassing address-based access control with 0-RTT
10/11/2024
CVE-2024-25622
CVSS 4.3medium
H2O ignores headers configuration directives
10/11/2024
CVE-2023-50247
CVSS 7.5high
h2o QUIC state exhaustion DoS
12/12/2023
CVE-2023-41337
CVSS 6.7medium
h2o vulnerable to TLS session resumption misdirection
12/12/2023
CVE-2023-44487
CVSS 7.5high
- Rapid Reset HTTP/2 vulnerability
10/9/2023⚠ Exploited⚡ Zero-Day
CVE-2023-30847
CVSS 8.2high
H2O vulnerable to read from uninitialized pointer in the reverse proxy handler
4/27/2023
CVE-2022-29482
CVSS 4.3medium
6/14/2022🔧 No Patch
Monitor dena in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.