Lucene search
+L

5 matches found

ibm
ibm
added 2025/04/15 3:34 a.m.21 views

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Envoy denial of service vulnerabilitiy(CVE-2024-32475).

Summary Potential Envoy denial of service vulnerabilitiyCVE-2024-32475 has been identified that affects IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-32475 DESCRIPTION: Envoy is vulnerable to a...

7.5CVSS7.6AI score0.00679EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2024/04/20 5:42 p.m.39 views

CVE-2024-32475

A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with "autosni" enabled, a request containing a "host/:authority" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of...

7.5CVSS7AI score0.00679EPSS
Exploits0References5
cve
cve
added 2024/04/18 2:18 p.m.113 views

CVE-2024-32475

CVE-2024-32475 affects Envoy when an upstream TLS cluster uses auto_sni and a host/:authority header longer than 255 characters is used as SNI. The vulnerability is triggered by attempting to set SNI to a value exceeding the 255-char limit, causing Envoy to abort abnormally instead of handling th...

7.5CVSS6.5AI score0.00679EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/04/18 2:18 p.m.26 views

CVE-2024-32475 Envoy RELEASE_ASSERT using auto_sni with :authority header > 255 bytes

Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with autosni enabled, a request containing a host/:authority header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when settin...

7.5CVSS7.5AI score0.00679EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/04/18 2:18 p.m.22 views

CVE-2024-32475 Envoy RELEASE_ASSERT using auto_sni with :authority header > 255 bytes

Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with autosni enabled, a request containing a host/:authority header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when settin...

7.5CVSS6.6AI score0.00679EPSS
Exploits0References2
Rows per page
Query Builder