Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2020/02/04 12:0 a.m.34 views

Photon OS 1.0: Envoy PHSA-2020-1.0-0268

An update of the envoy package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0268. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid133470...

9.8CVSS8.1AI score0.02502EPSS
Exploits1References2
NVD
NVD
added 2019/12/13 1:15 p.m.28 views

CVE-2019-18801

An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1. This may be used to corrupt nearby heap contents leading to a query-of-death scenario or may be used to bypass Envoy's...

9.8CVSS9.5AI score0.02502EPSS
Exploits1References5
CVE
CVE
added 2019/12/13 12:20 p.m.89 views

CVE-2019-18801

CVE-2019-18801 affects Envoy 1.12.0 where an untrusted remote client can send HTTP/2 requests that write to the heap outside of request buffers when the upstream is HTTP/1, potentially causing heap corruption (query‑of‑death) or bypassing access controls like path-based routing. The vulnerability...

9.8CVSS9.3AI score0.02502EPSS
Exploits1References5Affected Software1
Symantec
Symantec
added 2019/12/11 12:0 a.m.41 views

Envoy CVE-2019-18801 Heap Buffer Overflow Vulnerability

Description Envoy PHP is prone to a heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows attackers to execute arbitrary code in the contex...

0.3AI score0.02502EPSS
Exploits1References2Affected Software3
Rows per page
Query Builder