x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-12603 #2273
Labels
excluded: LEGACY_FALSE_POSITIVE
(DO NOT USE) Vulnerability marked as false positive before we introduced the triage process
CVE-2020-12603 references github.com/envoyproxy/envoy, which may be a Go module.
Description:
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.
References:
Cross references:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: