Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-07-01T14:24:49
Updated: 2024-08-04T12:04:21.672Z
Reserved: 2020-05-01T00:00:00
Link: CVE-2020-12604
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-07-01T15:15:12.923
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-12604
Redhat