Vulnerability known as CVE-2023-30847

Informational
29 April 2023, 18:12 UTC

Vulnerability known as CVE-2023-30847

Status: closed
Date: 27 April 2023, 13:33 UTC
End: 29 April 2023, 18:12 UTC
Duration: 2 days 4 hours 38 minutes
Affected Components:
General Updates
Affected Groups:
All Public Users
Update

27 April 2023, 13:33 UTC

27 April 2023, 13:33 UTC

Vulnerability known as “Malformed HTTP/1.1 Request Causes Out Of Memory Error Within H2O Server With HTTP Backend (Zero Day)” (CVE-2023-30847).

Fastly is aware of a recently disclosed out of memory error vulnerability in H2O. Fastly has investigated the vulnerability to determine exploitability within our environment and interconnectivity with H2O systems. 

At this time we have determined that our platform is not at risk to this vulnerability, but will continue to monitor the situation.

Resolved

29 April 2023, 18:12 UTC

29 April 2023, 18:12 UTC

At this time we have determined that our platform is not at risk to this vulnerability, but will continue to monitor the situation.