Lucene search

K
prionPRIOn knowledge basePRION:CVE-2019-15225
HistoryAug 19, 2019 - 11:15 p.m.

Design/Logic Flaw

2019-08-1923:15:00
PRIOn knowledge base
www.prio-n.com
3

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.1%

In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993.

CPENameOperatorVersion
envoyle1.11.1

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.1%