Unrated severityNVD Advisory· Published Jul 1, 2020· Updated Aug 4, 2024
CVE-2020-12603
CVE-2020-12603
Description
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Envoy/Envoydescription
- Range: <=1.14.2, <=1.13.2, <=1.12.4
- osv-coords3 versionspkg:bitnami/envoypkg:rpm/opensuse/envoy-proxy&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/envoy-proxy&distro=SUSE%20Package%20Hub%2015%20SP3
< 1.12.5+ 2 more
- (no CPE)range: < 1.12.5
- (no CPE)range: < 1.14.6-bp153.3.4.1
- (no CPE)range: < 1.14.6-bp153.3.4.1
Patches
Vulnerability mechanics
References
2- github.com/envoyproxy/envoy-setec/issues/80mitrex_refsource_MISC
- github.com/envoyproxy/envoy/security/advisories/GHSA-pc38-4q6c-85p6mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.