exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2019-18802

около 6 лет назад

An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.

CVSS3: 7.5

EPSS: Низкий

CVE-2019-18802

около 6 лет назад

An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.

CVSS3: 9.8

EPSS: Низкий

openSUSE-SU-2021:0341-1

почти 5 лет назад

Security update for nghttp2

EPSS: Низкий

openSUSE-SU-2020:0379-1

почти 6 лет назад

Security update for nghttp2

EPSS: Низкий

SUSE-SU-2020:0722-1

почти 6 лет назад

Security update for nghttp2

EPSS: Низкий

GHSA-fx83-72pw-c56f

больше 3 лет назад

An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-18802 An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.	CVSS3: 7.5	0% Низкий	около 6 лет назад
CVE-2019-18802 An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.	CVSS3: 9.8	0% Низкий	около 6 лет назад
openSUSE-SU-2021:0341-1 Security update for nghttp2		0% Низкий	почти 5 лет назад
openSUSE-SU-2020:0379-1 Security update for nghttp2		0% Низкий	почти 6 лет назад
SUSE-SU-2020:0722-1 Security update for nghttp2		0% Низкий	почти 6 лет назад
GHSA-fx83-72pw-c56f An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.	CVSS3: 9.8	0% Низкий	больше 3 лет назад

Уязвимостей на страницу