CVE-2020-12605

CVE-2020-12605

EPSS 1.4%

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/envoyproxy/envoy/security/advisories/GHSA-fjxc-jj43-f777 https://github.com/envoyproxy/envoy-setec/issues/137