CVE-2019-9900

When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorized resources.
Configurations

Configuration 1 (hide)

cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:redhat:openshift_service_mesh:-:*:*:*:*:*:*:*

History

01 Jan 2022, 20:16

Type Values Removed Values Added
CPE cpe:2.3:a:redhat:openshift_service_mesh:-:*:*:*:*:*:*:*
References (CONFIRM) https://github.com/envoyproxy/envoy/security/advisories/GHSA-x74r-f4mw-c32h - (CONFIRM) https://github.com/envoyproxy/envoy/security/advisories/GHSA-x74r-f4mw-c32h - Exploit, Mitigation, Third Party Advisory
CWE CWE-20 CWE-74

Information

Published : 2019-04-25 15:29

Updated : 2024-02-04 20:20


NVD link : CVE-2019-9900

Mitre link : CVE-2019-9900

CVE.ORG link : CVE-2019-9900


JSON object : View

Products Affected

envoyproxy

  • envoy

redhat

  • openshift_service_mesh
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')