Envoy Security Vulnerabilities and Issues — Envoy CVE List

Lucene search

EnvoyproxyEnvoy

5 matches found

CVE•added 2020/07/01 3:15 p.m.•101 views

CVE-2020-12605

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.

7.5CVSS7.4AI score0.00607EPSS

CVE•added 2020/07/01 3:15 p.m.•96 views

CVE-2020-12604

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.

7.5CVSS7.3AI score0.00435EPSS

CVE•added 2020/07/01 2:15 p.m.•92 views

CVE-2020-12603

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.

7.5CVSS7.4AI score0.00607EPSS

CVE•added 2020/07/01 3:15 p.m.•91 views

CVE-2020-8663

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.

7.5CVSS7.4AI score0.00091EPSS

CVE•added 2020/07/14 10:15 p.m.•69 views

CVE-2020-15104

In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. For example, with a SAN of *.example.com, Envoy would incorrectly allow nested.subdomain.example.com, whe...

5.5CVSS5.2AI score0.00116EPSS