Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-0752

Опубликовано: 28 янв. 2025
Источник: nvd
CVSS3: 6.3
EPSS Низкий

Описание

A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openshift_service_mesh:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_service_mesh:2.6.3:*:*:*:*:*:*:*

EPSS

Процентиль: 42%
0.00196
Низкий

6.3 Medium

CVSS3

Дефекты

CWE-444

Связанные уязвимости

redhat логотип

CVE-2025-0752

CVSS3: 6.3
redhat
11 месяцев назад

A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy.

github логотип

GHSA-wpxv-x75w-vp46

CVSS3: 6.3
github
11 месяцев назад

A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy.

EPSS

Процентиль: 42%
0.00196
Низкий

6.3 Medium

CVSS3

Дефекты

CWE-444