Back to search
CVE-2020-12604
Published: Jul 1, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/envoyproxy/envoy/commits/master
x_refsource_MISC
https://github.com/envoyproxy/envoy/security/advisories/GHSA-8hf8-8gvw-ggvx
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now