Lucene search
GoogleOSV:CVE-2019-18802HistoryDec 13, 2019 - 1:15 p.m.
CVE-2019-18802
2019-12-1313:15:11
Google
osv.dev
4
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from “header-value” so for example with the Host header "example.com " one could bypass “example.com” matchers.
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0722-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2020-0147)
2022-01-28 00:00:00
openSUSE: Security Advisory for nghttp2 (openSUSE-SU-2020:0379-1)
2020-03-26 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : nghttp2 (SUSE-SU-2020:0722-1)
2020-03-20 00:00:00
Photon OS 2.0: Envoy PHSA-2020-2.0-0207
2020-02-13 00:00:00
openSUSE Security Update : nghttp2 (openSUSE-2020-379)
2020-03-26 00:00:00
redhatcve
redhatcve
CVE-2019-18802
2020-04-09 07:30:20
suse
suse
Security update for nghttp2 (moderate)
2021-02-25 00:00:00
Security update for nghttp2 (moderate)
2020-03-25 00:00:00
nvd
nvd
CVE-2019-18802
2019-12-13 13:15:11
cve
cve
CVE-2019-18802
2019-12-13 13:15:11
cvelist
cvelist
CVE-2019-18802
2019-12-13 12:21:26
mageia
mageia
Updated nghttp2 packages fix security vulnerability
2020-04-01 04:56:57
veracode
veracode
Privilege Escalation
2019-12-12 00:24:27
prion
prion
Design/Logic Flaw
2019-12-13 13:15:00
redhat
redhat
photon
photon