CVE-2020-8663

Опубликовано: 30 июн. 2020

Источник: redhat

CVSS3: 7.5

Описание

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.

A flaw was found in envoy in versions through 1.14.1. Accepting too many connections may lead to an exhaustion of file descriptors and/or memory. The highest threat from this vulnerability is to system availability.

Отчет

A uncontrolled resource consumption vulnerability was found in Envoy. An attacker can initiate too many connections to the proxy potentially exhausting file descriptors and/or memory resulting in a denial of service.

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-400

https://bugzilla.redhat.com/show_bug.cgi?id=1844254envoy: Resource exhaustion when accepting too many connections

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-8663

CVSS3: 7.5

nvd

больше 5 лет назад

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.

CVE-2020-8663

CVSS3: 7.5

debian

больше 5 лет назад

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descr ...

openSUSE-SU-2022:0065-1

suse-cvrf

почти 4 года назад

Security update for envoy-proxy

7.5 High

CVSS3