Описание
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests.
A resource consumption vulnerability was found in the servicemesh-proxy in Envoy. An attacker could use pipelined requests to cause excessive amounts of memory to be used, possibly degrading or crashing the application.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1802540envoy: Response flooding for HTTP/1.1
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
почти 6 лет назад
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests.
CVSS3: 7.5
debian
почти 6 лет назад
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when ...
7.5 High
CVSS3