Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-15225

Опубликовано: 19 авг. 2019
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
Версия до 1.11.1 (включая)

EPSS

Процентиль: 35%
0.00145
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-770

Связанные уязвимости

redhat логотип

CVE-2019-15225

CVSS3: 7.5
redhat
больше 6 лет назад

In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993.

github логотип

GHSA-fgr2-cr98-vm44

CVSS3: 7.5
github
больше 3 лет назад

In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993.

EPSS

Процентиль: 35%
0.00145
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-770