Lucene search
MitreCVELIST:CVE-2019-18838HistoryDec 13, 2019 - 12:22 p.m.
CVE-2019-18838
2019-12-1312:22:33
mitre
www.cve.org
3
An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated “Invalid request” response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request’s Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process.
Related
osv
osv
CVE-2019-18838
2019-12-13 13:15:11
nvd
nvd
CVE-2019-18838
2019-12-13 13:15:11
cve
cve
CVE-2019-18838
2019-12-13 13:15:11
veracode
veracode
Denial Of Service (DoS)
2019-12-12 00:24:27
prion
prion
Null pointer dereference
2019-12-13 13:15:00
redhatcve
redhatcve
CVE-2019-18838
2019-12-10 23:50:56
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat OpenShift Service Mesh 1.0.3 RPMs (RHSA-2019:4222)
2019-12-13 00:00:00
Photon OS 1.0: Envoy PHSA-2020-1.0-0290
2020-04-29 00:00:00
Photon OS 2.0: Envoy PHSA-2020-2.0-0229
2020-04-22 00:00:00
photon
photon