CVE-2019-9900
6.5
CVSS:3.0/AC:H/AV:N/A:L/C:L/I:L/PR:N/S:C/UI:N
Summary
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorized resources.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2019:0741
- https://www.envoyproxy.io/docs/envoy/v1.9.1/intro/version_history
- https://github.com/envoyproxy/envoy/issues/6434
- https://groups.google.com/forum/#%21topic/envoy-announce/VoHfnDqZiAM
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-x74r-f4mw-c32h
References
- https://access.redhat.com/errata/RHSA-2019:0741
- https://www.envoyproxy.io/docs/envoy/v1.9.1/intro/version_history
- https://github.com/envoyproxy/envoy/issues/6434
- https://groups.google.com/forum/#%21topic/envoy-announce/VoHfnDqZiAM
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-x74r-f4mw-c32h
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.