Описание
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks.
A resource consumption vulnerability was found in the servicemesh-proxy in Envoy. An attacker could send specially crafted small HTTP/1.1 packets that, when processed, could cause excessive amounts of memory to be used, possibly degrading or crashing the application.
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks.
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when ...
Уязвимость сетевого программного средства Envoy, связанная с неконтролируемым расходом ресурса, позволяющая нарушителю вызвать отказ в обслуживании
7.5 High
CVSS3