Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Envoy 代码问题漏洞
Vulnerability Description
Envoy是一款开源的分布式代理服务器。 Envoy 1.12.0版本中存在代码问题漏洞。远程攻击者可借助特制HTTP请求利用该漏洞导致Envoy进程异常终止(拒绝服务)。
CVSS Information
N/A
Vulnerability Type
N/A