Envoy@1.14.2 Security Vulnerabilities and Issues — Envoy@1.14.2 CVE List

Lucene search

EnvoyproxyEnvoy1.14.2

3 matches found

CVE•added 2020/07/01 3:15 p.m.•101 views

CVE-2020-12605

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.

7.5CVSS7.4AI score0.00607EPSS

CVE•added 2020/07/01 3:15 p.m.•96 views

CVE-2020-12604

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.

7.5CVSS7.3AI score0.00435EPSS

CVE•added 2020/07/01 2:15 p.m.•92 views

CVE-2020-12603

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.

7.5CVSS7.4AI score0.00607EPSS