Vulnerability Details CVE-2020-8661
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://access.redhat.com/errata/RHSA-2020:0734
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-36cq-ww7h-p4j7
- https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history
- https://access.redhat.com/errata/RHSA-2020:0734
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-36cq-ww7h-p4j7
- https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history
Products affected by CVE-2020-8661
-
cpe:2.3:a:cncf:envoy:1.13.0
-
cpe:2.3:a:redhat:openshift_service_mesh:1.0.9