Lucene search
Veracode Vulnerability DatabaseVERACODE:47403HistoryJun 07, 2024 - 5:23 a.m.
Denial Of Service (DoS)
2024-06-0705:23:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
github
envoyproxy
vulnerability
denial of service
http client
buffer
out-of-memory
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
github.com/envoyproxy/envoy is vulnerable to Denial Of Service (DOS). The vulnerability is due to the async HTTP client buffering the mirror response with an unbounded buffer, which allows attackers to potentially cause an out-of-memory scenario by sending huge responses.
Related
vulnrichment
vulnrichment
redhatcve
redhatcve
CVE-2024-34364
2024-06-14 02:42:32
cve
cve
CVE-2024-34364
2024-06-04 21:15:34
cvelist
cvelist
nvd
nvd
CVE-2024-34364
2024-06-04 21:15:34
osv
osv
BIT-envoy-2024-34364
2024-06-06 07:17:26
nessus
nessus
Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2024-037)
2024-06-24 00:00:00
Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2024-647)
2024-06-24 00:00:00
Tenable.ad < 3.59.5 Multiple Vulnerabilities (TNS-2024-11)
2024-07-08 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
Related for VERACODE:47403