Lucene search
Veracode Vulnerability DatabaseVERACODE:33223HistoryDec 10, 2021 - 6:40 a.m.
Denial Of Service (DoS)
2021-12-1006:40:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
45.6%
servicemesh is vulnerable to denial of service. The vulnerability exists due to a lack of check on the envoys procedure for resetting a HTTP/2 stream has O(N^2) complexity.
References
access.redhat.com/errata/RHEA-2021:4051
bugzilla.redhat.com/show_bug.cgi?id=1996946
github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
istio.io/latest/news/security/istio-security-2021-008/
www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history
www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history
Related
redhatcve
redhatcve
CVE-2021-32778
2021-08-24 22:14:49
nvd
nvd
CVE-2021-32778
2021-08-24 21:15:09
prion
prion
Design/Logic Flaw
2021-08-24 21:15:00
osv
osv
BIT-envoy-2021-32778
2024-03-06 10:58:13
CVE-2021-39204
2021-09-09 22:15:09
CVE-2021-32778
2021-08-24 21:15:09
cve
cve
CVE-2021-32778
2021-08-24 21:15:09
cvelist
cvelist
CVE-2021-32778 Excessive CPU utilization when closing HTTP/2 streams
2021-08-24 20:30:11
github
github
Excessive CPU usage
2021-09-10 17:54:13
nessus
nessus
Oracle Linux 7 : olcne (ELSA-2021-9525)
2021-11-09 00:00:00
Oracle Linux 8 : olcne / istio / istio / kubernetes (ELSA-2021-9546)
2021-11-10 00:00:00
oraclelinux
oraclelinux
olcne security update
2021-11-10 00:00:00
olcne istio istio kubernetes security update
2021-11-09 00:00:00
olcne security update
2021-11-09 00:00:00