CVE-2019-15225

In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993.
References
Link Resource
https://github.com/envoyproxy/envoy/issues/7728 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*

Information

Published : 2019-08-19 16:15

Updated : 2020-08-24 10:37


NVD link : CVE-2019-15225

Mitre link : CVE-2019-15225


JSON object : View

CWE
CWE-770

Allocation of Resources Without Limits or Throttling

Advertisement

dedicated server usa

Products Affected

envoyproxy

  • envoy