21 matches found
EUVD-2020-29512
Malware in sbrugna...
EUVD-2020-29508
Malware in sbrugna...
EUVD-2020-29509
Malware in sbrugna...
EUVD-2020-29507
Malware in sbrugna...
Denial Of Service (DoS)
elog is vulnerable to denial of service (DoS) attacks. CNCF Envoy consumes excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small chunks...
CVE-2020-8660
CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some...
CVE-2020-8660
CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some...
Design/Logic Flaw
CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some...
CVE-2020-8661
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests...
CVE-2020-8664
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
CVE-2020-8664
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
CVE-2020-8659
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks...
Design/Logic Flaw
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests...
Design/Logic Flaw
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
Code injection
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks...
CVE-2020-8660
CVE-2020-8660 concerns CNCF Envoy up to version 1.13.0. The TLS inspector could be bypassed when a TLS 1.3 client is used, because TLS extensions such as SNI and ALPN were not inspected, potentially causing connections to be matched to the wrong filter chain and bypassing some security restrictio...
CVE-2020-8660
CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some...
CVE-2020-8664
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
CVE-2020-8661
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests...
CVE-2020-8661
CVE-2020-8661 affects Envoy (via Red Hat OpenShift Service Mesh 1.0.9 servicemesh-proxy). The Red Hat advisory RHSA-2020:0734 lists CVE-2020-8661 among fixes and describes mitigations for multiple Envoy issues; the vulnerability is mapped to excessive CPU/memory use when proxying HTTP/1.1, which ...