Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response
Vulnerability Description
Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory (OOM) vector from the mirror response, since async HTTP client will buffer the response with an unbounded buffer.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Envoy 安全漏洞
Vulnerability Description
Envoy是一款开源的分布式代理服务器。 Envoy存在安全漏洞,该漏洞源于异步HTTP客户端将使用无界缓冲区缓冲响应,在镜像响应中存在内存不足(OOM)向量。
CVSS Information
N/A
Vulnerability Type
N/A