{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-25622", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-02-08T22:26:33.511Z", "datePublished": "2024-10-11T14:20:31.921Z", "dateUpdated": "2024-10-11T14:46:36.996Z"}, "containers": {"cna": {"title": "H2O ignores headers configuration directives", "problemTypes": [{"descriptions": [{"cweId": "CWE-670", "lang": "en", "description": "CWE-670: Always-Incorrect Control Flow Implementation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/h2o/h2o/security/advisories/GHSA-5m7v-cj65-h6pj", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/h2o/h2o/security/advisories/GHSA-5m7v-cj65-h6pj"}, {"name": "https://github.com/h2o/h2o/issues/3332", "tags": ["x_refsource_MISC"], "url": "https://github.com/h2o/h2o/issues/3332"}, {"name": "https://github.com/h2o/h2o/commit/123f5e2b65dcdba8f7ef659a00d24bd1249141be", "tags": ["x_refsource_MISC"], "url": "https://github.com/h2o/h2o/commit/123f5e2b65dcdba8f7ef659a00d24bd1249141be"}], "affected": [{"vendor": "h2o", "product": "h2o", "versions": [{"version": "< 123f5e2b65dcdba8f7ef659a00d24bd1249141be", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-10-11T14:20:31.921Z"}, "descriptions": [{"lang": "en", "value": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes (e.g., path level) are expected to inherit the configuration defined in outer scopes (e.g., global level). However, if a header directive is used in the inner scope, all the definition in outer scopes are ignored. This can lead to headers not being modified as expected. Depending on the headers being added or removed unexpectedly, this behavior could lead to unexpected client behavior. This vulnerability is fixed in commit 123f5e2b65dcdba8f7ef659a00d24bd1249141be."}], "source": {"advisory": "GHSA-5m7v-cj65-h6pj", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-11T14:46:20.223232Z", "id": "CVE-2024-25622", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T14:46:36.996Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-25622", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-11T14:46:20.223232Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T14:46:29.055Z"}}], "cna": {"title": "H2O ignores headers configuration directives", "source": {"advisory": "GHSA-5m7v-cj65-h6pj", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "h2o", "product": "h2o", "versions": [{"status": "affected", "version": "< 123f5e2b65dcdba8f7ef659a00d24bd1249141be"}]}], "references": [{"url": "https://github.com/h2o/h2o/security/advisories/GHSA-5m7v-cj65-h6pj", "name": "https://github.com/h2o/h2o/security/advisories/GHSA-5m7v-cj65-h6pj", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/h2o/h2o/issues/3332", "name": "https://github.com/h2o/h2o/issues/3332", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/h2o/h2o/commit/123f5e2b65dcdba8f7ef659a00d24bd1249141be", "name": "https://github.com/h2o/h2o/commit/123f5e2b65dcdba8f7ef659a00d24bd1249141be", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes (e.g., path level) are expected to inherit the configuration defined in outer scopes (e.g., global level). However, if a header directive is used in the inner scope, all the definition in outer scopes are ignored. This can lead to headers not being modified as expected. Depending on the headers being added or removed unexpectedly, this behavior could lead to unexpected client behavior. This vulnerability is fixed in commit 123f5e2b65dcdba8f7ef659a00d24bd1249141be."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-670", "description": "CWE-670: Always-Incorrect Control Flow Implementation"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-10-11T14:20:31.921Z"}}}, "cveMetadata": {"cveId": "CVE-2024-25622", "state": "PUBLISHED", "dateUpdated": "2024-10-11T14:46:36.996Z", "dateReserved": "2024-02-08T22:26:33.511Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-10-11T14:20:31.921Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC5F2FE2-7FF7-428D-9EC7-0201D0077BA8", "versionEndIncluding": "2024-02-11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes (e.g., path level) are expected to inherit the configuration defined in outer scopes (e.g., global level). However, if a header directive is used in the inner scope, all the definition in outer scopes are ignored. This can lead to headers not being modified as expected. Depending on the headers being added or removed unexpectedly, this behavior could lead to unexpected client behavior. This vulnerability is fixed in commit 123f5e2b65dcdba8f7ef659a00d24bd1249141be."}, {"lang": "es", "value": "h2o es un servidor HTTP compatible con HTTP/1.x, HTTP/2 y HTTP/3. Las directivas de configuraci\u00f3n proporcionadas por el controlador de encabezados permiten a los usuarios modificar los encabezados de respuesta que env\u00eda h2o. El archivo de configuraci\u00f3n de h2o tiene \u00e1mbitos y se espera que los \u00e1mbitos internos (por ejemplo, nivel de ruta) hereden la configuraci\u00f3n definida en los \u00e1mbitos externos (por ejemplo, nivel global). Sin embargo, si se utiliza una directiva de encabezado en el \u00e1mbito interno, se ignoran todas las definiciones en los \u00e1mbitos externos. Esto puede provocar que los encabezados no se modifiquen como se esperaba. Seg\u00fan si los encabezados se agregan o eliminan inesperadamente, este comportamiento podr\u00eda provocar un comportamiento inesperado del cliente. Esta vulnerabilidad se corrigi\u00f3 en el commit 123f5e2b65dcdba8f7ef659a00d24bd1249141be."}], "id": "CVE-2024-25622", "lastModified": "2024-11-12T20:04:39.957", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-10-11T15:15:03.947", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/h2o/h2o/commit/123f5e2b65dcdba8f7ef659a00d24bd1249141be"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://github.com/h2o/h2o/issues/3332"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/h2o/h2o/security/advisories/GHSA-5m7v-cj65-h6pj"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-670"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-670"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}