3 matches found
CVE-2020-8659
CVE-2020-8659 affects the Envoy proxy used in Photon OS (Envoy package). The vulnerability causes memory exhaustion when proxying HTTP/1.1 requests or responses with many tiny chunks. Photon OS advisories PHSA-2020-1.0-0290 and PHSA-2020-2.0-0229 indicate updates to the envoy package are availabl...
CVE-2020-8661
CVE-2020-8661 affects Envoy (via Red Hat OpenShift Service Mesh 1.0.9 servicemesh-proxy). The Red Hat advisory RHSA-2020:0734 lists CVE-2020-8661 among fixes and describes mitigations for multiple envoy issues; the vulnerability is mapped to excessive CPU/memory use when proxying HTTP/1.1, which ...
CVE-2020-8664
CVE-2020-8664 is reported in the Red Hat OpenShift Service Mesh 1.0.9 servicemesh-proxy advisory (RHSA-2020:0734). The issue is an incorrect Access Control when using SDS with a Combined Validation Context in Envoy, which could affect access controls across multiple resources and is one of severa...